Gungnir is a command-line tool written in Go that continuously monitors certificate transparency (CT) logs for newly issued SSL/TLS certificates.
Its primary purpose is to aid security researchers and penetration testers in discovering new domains and subdomains as soon as they are issued certificates, allowing for timely security testing.
The tool connects to multiple CT logs and actively watches for new certificate entries.
Whenever a new certificate is detected, Gungnir extracts the domains and subdomains present in the certificate’s subject alternative names (SANs) and Common Name (CN) and prints them to stdout in real-time.
By running Gungnir continuously, security professionals can stay ahead of the curve and rapidly identify potential attack surfaces as soon as new domains or subdomains become active on the web.
This proactive approach enables early reconnaissance, vulnerability scanning, and prompt remediation of any identified issues.
go install github.com/g0ldencybersec/gungnir/cmd/gungnir@latest
Usage of gungnir:
-debug Debug CT logs to see if you are keeping up. Outputs to STDERR
-r Path to the list of root domains to filter against
-v Output go logs (500/429 errors) to STDERR
-j JSONL output cert info
To run the tool, use a text file of root domains you want to monitor: roots.txt
. Then, run the gungnir
module:
./gungnir -r roots.txt (filtered)
- or -
./gungnir (unfiltered)
Once the tool starts and initializes, it will print domains to stdout. So feel free to pipe the output into your favorite tool!
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…