In this post, you will learn what is crt.sh and how it works and mainly you will learn how to gather information using this site and check the below video if you like my voice 😜.
What is crt.sh
Crt.sh is a site where you could find all the SSL or TLS certificates of the particular targeted domain. And the site is open-source to monitor the certificates.
The site is in a GUI format and it is really very easy to gather the information and the motive of the site is to keep the certificate logs very transparently.
Even you could find the certificates algorithms in a ciphertext format. The crt.sh stands for “certificates.Saint Helena”
Who developed the crt.sh tool?
The site was developed by this guy and he seems to be very intelligent and I have given the author page and also the site link check it out.
How to gather information using crt.sh 🤔
Gathering information using this site is very easy, follow the steps carefully 🆗
Step1: Open crt.sh
Just enter into the site by entering crt.sh and the GUI seems something like this ✔
Step2: Enter the target
Enter the target domain, yes man you should know the target to search for the certificate…
Searching for certs is very useful to see what kind of encryption the site is going through and much more 🆒
Iam searching for my domain techyrick.com
Once you have entered the target you get the certificate ID once clicked on the ID you get further information on the certificate Identity, Once click on the ID you get GUI like this one 👇🏽
Now we got the information like the security algorithm it is following so there are two algorithms and the SHA-256 is currently in use and it also has SHA-1
We could see the certificate issuer name, This information is sweet for us 🍫. Oh yeah man
So, what could you do with this cert issuer name? Well, a lot can be done think about what you can do and comment below and once you comment I will reply with what could I do 🤞.
Once you click on the cert issuer you will get the certificate issuers policy, which looks something like this 👇.
So, this is how to gather information using the site “crt.sh” and you man=y final ask what if I decrypt the hash and get inside your server.
That is impossible because every year or every 3 to 6 months the certificates will be renewed 😮.
According to my knowledge, this is the best site to gather the certificate information. So, read my recommended blogs and stay ethically hacked.
Also Read: Let’s gather theHarvester Information
Also Read: What is a canary token? Explained