crt.sh
Search certificate-transparency logs for certificates and related hostnames.
- slug
- crtsh
- visibility
- Public
- risk
- safe
- level
- 0
What this tool does.
crt.sh provides direct search access into certificate-transparency data, which makes it valuable for hostname discovery, certificate history and domain footprint research.
Useful for subdomain discovery and investigating public certificate issuance around a target.
Dev-docs · 2 documents.
Related articles.
Start Here: How to Use an OSINT Tool Catalog Without Getting Lost
A practical introduction to navigating an OSINT tool catalog without falling into random tool-hopping, weak assumptions, or unnecessary complexity.
A Practical Method for Domain and Infrastructure Recon
A practical framework for reading domains, certificates, DNS history, stack hints, and broader internet-facing context without turning infrastructure research into noise.
crt.sh vs SecurityTrails vs Censys: Three Different Ways to Read Infrastructure
crt.sh, SecurityTrails, and Censys all help with infrastructure research, but they answer different questions and belong at different points in the workflow.
Passive First: When Public Web Research Should Stay Narrow
A practical argument for staying narrow and passive as long as possible in public web research, before broader or more interaction-heavy methods start adding noise.
Related tools.
Other tools that share a category with this one.