- Fetch subdomains for a single domain or multiple domains from a file
- Automatic dependency installation (jq, curl)
- Configurable curl timeout and retry attempts
- Colorized output for better readability
- Option to output results to stdout or save to files
- Custom output directory support
- Bash shell
- Internet connection
- Either root access or permission to install packages (for automatic dependency installation)
- Clone this repository or download the
crtsf.shscript:
git clone https://github.com/isanjaymenon/crtsf.gitcd crtsf- Make the script executable:
chmod +x crtsf.sh./crtsf.sh -d example.com./crtsf.sh -d example.com -o /path/to/output -t 60 -r 5-d: Domain to search-f: File containing a list of domains-o: Output directory (default: ./crtsf-results)-s: Output to stdout instead of a file-t: Curl timeout in seconds (default: 30)-r: Maximum number of retries (default: 3)-h: Display help message
- Search for subdomains of a single domain:
./crtsf.sh -d example.com- Search for subdomains of multiple domains from a file:
./crtsf.sh -f domains.txt- Custom output directory and increased timeout:
./crtsf.sh -d example.com -o /tmp/subdomains -t 60- Output results to stdout:
./crtsf.sh -d example.com -sContributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
- crt.sh for providing certificate transparency log data
- curl for transferring data specified with URL syntax
- jq for JSON processing
Ensure you have permission to scan domains that you do not own.
For any queries or suggestions, please open an issue in this repository.