certspotter
Cert Spotter Cert Spotter is the lightweight Go scanner for Certificate Transparency logs, alerting on new or unauthorized certs for subdomains via email or webhooks in passive recon. Run its CLI with --domains for monitoring, customizing filters for typosquatting. Open-source from SSLMate, it's the cert sentinel for pentesters templating subdomain takeover watches.
Explore →ct-monitor
CT Monitor CT Monitor is the ProtonMail-forked tool that tails CT logs for domain matches, notifying via email or Slack on new certs for ongoing recon on issued TLS. Deploy its Go binary with -domains for watches, parsing JSON for details. Open-source from ProtonMail, it's the log listener for OSINT pros tracking cert emissions.
Explore →trackssl
TrackSSL TrackSSL monitors CT logs for expiry and fraud alerts, templating watches on domains with notifications for changes in cert chains during recon. Configure via Go CLI with --notify for integrations, scanning for duplicates or misissues. Open-source from trackssl, it's the expiry enforcer for pentesters templating cert lifecycle intel.
Explore →ct-mon
CT Mon CT Mon is the regex-based CT watcher that stores cert details in MongoDB, matching CN/SAN for alerts on new issuances in subdomain discovery. Run its Python script with --regexp for patterns, querying DB for historical views. Open-source from kyprizel, it's the Mongo matcher for analysts templating cert searches.
Explore →ct-log-monitor
CT Log Monitor CT Log Monitor tails public logs for subdomain certs, flagging typosquatting with custom thresholds for proactive recon on domain shadows. Deploy its Go binary with --check-typosquatting, outputting alerts for review. Open-source from sglambert, it's the typo trapper for pentesters monitoring lookalike issuances.
Explore →certi
Certi Certi is the Python CT log querier that tracks issued certs for domains, exporting CSV for analysis in OSINT workflows on ownership changes. Run with --domain for watches, filtering by dates for historical pulls. Open-source from t0mer, it's the cert cataloger for recon rangers templating issuance intel.
Explore →ctlwatcher
CTLWatcher CTLWatcher monitors CT streams with regex for domain matches, storing in SQLite and alerting on hits for ongoing recon on cert events. Configure via Python with --db for persistence, running as daemon for continuous logs. Open-source from pathtofile, it's the stream sentinel for pentesters templating real-time cert watches.
Explore →certstream-monitor
CertStream Monitor CertStream Monitor tails live CT websockets for subdomain alerts, filtering for exact matches and logging to DB for historical recon queries. Run its Python script with --domains, integrating webhooks for notifications. Open-source from AssuranceMaladieSec, it's the websocket watcher for analysts templating instant cert detections.
Explore →ct-woodpecker
CT Woodpecker CT Woodpecker verifies log compliance and new entries with custom checks, templating scans for CT stability in recon on issuance patterns. Deploy its Python tool with --log for servers, auditing for anomalies. Open-source from Let's Encrypt, it's the log linter for pentesters ensuring cert transparency feeds are reliable.
Explore →waybackct