Hacking Tools

Gungnir : Monitoring Certificate Transparency In Real-Time

Gungnir is a command-line tool written in Go that continuously monitors certificate transparency (CT) logs for newly issued SSL/TLS certificates.

Its primary purpose is to aid security researchers and penetration testers in discovering new domains and subdomains as soon as they are issued certificates, allowing for timely security testing.

The tool connects to multiple CT logs and actively watches for new certificate entries.

Whenever a new certificate is detected, Gungnir extracts the domains and subdomains present in the certificate’s subject alternative names (SANs) and Common Name (CN) and prints them to stdout in real-time.

By running Gungnir continuously, security professionals can stay ahead of the curve and rapidly identify potential attack surfaces as soon as new domains or subdomains become active on the web.

This proactive approach enables early reconnaissance, vulnerability scanning, and prompt remediation of any identified issues.

Key Features:

  • Real-time Monitoring: Actively monitors multiple CT logs for newly issued certificates.
  • Domain Extraction: Extracts domains and subdomains from certificate subject alternative names and common name.
  • Continuous Output: Prints discovered domains and subdomains to stdout as they are detected.
  • Customizable Filtering: Allows filtering output based a text file of root domains. Gungnir is designed to be a lightweight and efficient tool, making it suitable for running on various platforms, from local machines to cloud instances or containerized environments.

Installation

go install github.com/g0ldencybersec/gungnir/cmd/gungnir@latest

Usage

Options

Usage of gungnir:
  -debug    Debug CT logs to see if you are keeping up. Outputs to STDERR
  -r        Path to the list of root domains to filter against
  -v        Output go logs (500/429 errors) to STDERR
  -j        JSONL output cert info

To run the tool, use a text file of root domains you want to monitor: roots.txt. Then, run the gungnir module:

./gungnir -r roots.txt (filtered)
- or -
./gungnir (unfiltered)

Once the tool starts and initializes, it will print domains to stdout. So feel free to pipe the output into your favorite tool!

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityGungnirinformationsecuritykalilinuxkalilinuxtools
6 months ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

6 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago