33 lines
904 B
Plaintext
33 lines
904 B
Plaintext
This is a simple, but (eventually) very fast scanner to identify certificates in use on your network.
|
|
|
|
Documentation is terrible at this point; the program is still being written and debugged, so configuration and output formats are in flux.
|
|
|
|
== Installation
|
|
|
|
Download the sources and run `cargo build --release`
|
|
|
|
Copy the binary `target/release/ascertain` somewhere on your path.
|
|
|
|
== Configuration
|
|
|
|
A simple example to get you started:
|
|
|
|
Place the following in sample_config.toml and run using `ascertain -c sample_config.toml`
|
|
[toml]
|
|
----
|
|
[targets]
|
|
hosts = ["10.24.74.0/24"]
|
|
ports = [443, 80, 8443, 636]
|
|
live_port = 22
|
|
|
|
[output]
|
|
format = "json"
|
|
output_file = "certs.jsonl"
|
|
issuer_file = "issuers.jsonl"
|
|
----
|
|
|
|
This probes port 22 to see if the target even exists; if so, it scans the other four ports.
|
|
|
|
There are many more config options; read src/config.rs and JSONConfig in src/report.rs for details.
|
|
|