2

Off the Cuff: Freak in the Google Sheets

Certificate hunting using our favourite free spreadsheet.
2

Hey folks!

Here’s a quick video on how to scrape SSL certificate information from crt.sh with Google Sheets1. This technique can help you discover interesting subdomains, domains that are connected to your target or phishing domains that are abusing your brand. Copy and paste the entire row of hostnames into your favourite reconnaissance or scanning tools, or fire up a Kasm session and start browsing to see what you can find.

Now, stay tuned for our regular instalments and feel free to ask questions in the comments below. I am happy to demonstrate how to slice and dice a variety of data to help your investigations!

Justin

PS. The function we used is:

=IMPORTHTML(“https://crt.sh?q=twitter.com”,”table”)

Share


Bullsh*t Hunting is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

1

IMPORTHTML Function - Google Developer Reference - (link)

2 Comments
Authors
Justin Seitz