Package Documentation

Storm Package: synapse-crtsh

The following Commands are available from this package. This documentation is generated for version 2.7.1 of the package.

Storm Commands

This package implements the following Storm Commands.

crtsh.certs

Query crt.sh for certificates.

Accepts hash:md5, hash:sha1, hash:sha256, crypto:x509:cert and inet:fqdn nodes
as input and queries the crt.sh database of certificates. If a matching
certificate is available, it will be downloaded and parsed with the
Synapse-FileParser service.

When an inet:fqdn node is used as input, the search query will match certificates
for that domain as well as any subdomains.

Examples:

    // Search for certificates issued to vertex.link or any subdomain of vertex.link.
    inet:fqdn=vertex.link | crtsh.certs

    // Search for certificates matching a sha256 hash and yield the results.
    hash:sha256 | limit 1 | crtsh.certs --yield


Usage: crtsh.certs [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --size <size>               : Limit the number of results ingested to the given size (per-node).
  --yield                     : Yield the newly created nodes.
  --asof <asof>               : This argument is deprecated and no longer has any effect.
  --timeout <timeout>         : The max number of seconds to let each crt.sh query run.

crtsh.setup.db

Configure the crt.sh Synapse-Sidepocket connection.


Usage: crtsh.setup.db [options]

Options:

  --help                      : Display the command usage.
  --name <name>               : Name to use for the Synapse-Sidepocket connection. (default: crtsh)
  --timeout <timeout>         : The default max number of seconds to let each crt.sh query run. (default: 60)

crtsh.subdomains

Query crt.sh to discover subdomains.

Accepts inet:fqdn nodes as input and queries the crt.sh database of certificates
to search for any subdomains present.

Examples:

    // Search for subdomains of vertex.link
    inet:fqdn=vertex.link | crtsh.subdomains

    // Search for subdomains of vertex.link and yield the results.
    inet:fqdn=vertex.link | crtsh.subdomains --yield


Usage: crtsh.subdomains [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --size <size>               : Limit the number of results ingested to the given size (per-node).
  --yield                     : Yield the newly created nodes.
  --asof <asof>               : This argument is deprecated and no longer has any effect.
  --timeout <timeout>         : The max number of seconds to let each crt.sh query run.

Storm Modules

This package does not export any Storm APIs.