Open iamthefrogy opened 1 week ago
You can use -tls-probe send http probes on the extracted TLS domains (dns_name)
flag to extract data. For example,
$ go run . -u scanme.sh -silent -j -tls-probe | jq .tls
{
"host": "scanme.sh",
"port": "443",
"probe_status": true,
"tls_version": "tls13",
"cipher": "TLS_AES_128_GCM_SHA256",
"self_signed": true,
"mismatched": true,
"not_before": "2022-06-07T15:18:51Z",
"not_after": "2032-06-04T15:18:51Z",
"subject_dn": "CN=scanme, O=pd",
"subject_cn": "scanme",
"subject_org": [
"pd"
],
"issuer_dn": "CN=scanme, O=pd",
"issuer_cn": "scanme",
"issuer_org": [
"pd"
],
"fingerprint_hash": {
"md5": "eacf1e9b4acca9168b43f84a9bfaa7c5",
"sha1": "550837ef878d58c92820e9498e3807c6bd7184ec",
"sha256": "ebbf69a9e7ba65b51fa12cd44105055c2c2c250706e9795fab219d3d5dff5fac"
},
"tls_connection": "ctls",
"sni": "scanme.sh"
}
I am using this command.
httpx -l subdomains.txt -o result -oa
Why is TLS always nil? What should I do if I want to organize TLS/SSL certificate data (expired or not) and other information neatly in a spreadsheet using the default command mentioned above?