{"id":13800763,"url":"https://github.com/seisvelas/SAN-Scanner","last_synced_at":"2025-05-13T09:31:54.393Z","repository":{"id":186948160,"uuid":"298923952","full_name":"seisvelas/SAN-Scanner","owner":"seisvelas","description":"Burp Suite extension for passively discovering Subject Alt Names in SSL/TLS certificates","archived":false,"fork":false,"pushed_at":"2020-10-01T04:40:37.000Z","size":101,"stargazers_count":3,"open_issues_count":3,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-11-18T15:55:02.127Z","etag":null,"topics":["burp","burp-extensions","burpsuite","security","security-tools","ssl-certificates"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/seisvelas.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-09-27T00:40:32.000Z","updated_at":"2021-12-11T22:46:11.000Z","dependencies_parsed_at":null,"dependency_job_id":"87c223ba-6b54-4ded-8251-aac55510cabb","html_url":"https://github.com/seisvelas/SAN-Scanner","commit_stats":null,"previous_names":["seisvelas/san-scanner"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seisvelas%2FSAN-Scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seisvelas%2FSAN-Scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seisvelas%2FSAN-Scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/seisvelas%2FSAN-Scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/seisvelas","download_url":"https://codeload.github.com/seisvelas/SAN-Scanner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253913236,"owners_count":21983281,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp","burp-extensions","burpsuite","security","security-tools","ssl-certificates"],"created_at":"2024-08-04T00:01:16.031Z","updated_at":"2025-05-13T09:31:52.651Z","avatar_url":"https://github.com/seisvelas.png","language":"Java","funding_links":[],"categories":["Information Gathering"],"sub_categories":[],"readme":"SAN Scanner is a Burp Suite extension for enumerating associated domains \u0026 services via the Subject Alt Names section of SSL certificates. \n\n| Index |\n| ------------- |\n| [What is a SAN cert](#what-is-a-san-cert)  |\n| [Use for security professionals](#Use-for-security-professionals)  |\n| [Building the extension](#building-the-extension)  |\n\n\n## What is a SAN cert\n\nSome webmasters use a single SSL certificate to secure multiple domain names. This is accomplished via the Subject Alternative Name field. For example,\nthe cert for StackOverflow.com contains dozens of other domain names covered by the same cert:\n\n![StackOverflow SSL Cert](https://github.com/seisvelas/SAN-Scanner/blob/master/screenshots/Screenshot%20from%202020-09-28%2001-27-24.png)\n\nSAN certs convenience admins because they only have to worry about updating a single certificate for the various domains under their stewardship.\n\n## Use for security professionals\n\nExamining Subject Alt Names is a routine part of enumeration and OSINT. Given a domain, SANs help you find associated domains and services, often hosted in the same\nnetwork or server. Recreationally, SAN enumeration is often useful for CTF security games (the \n[Mango](https://medium.com/@tellicolungrevink/hack-the-box-mango-70d906fc8b58) machine on HackTheBox famously hid a needed domain name in an otherwise\ninocuous SSL cert).\n\nAside from the offensive component, SANs often point to out-of-date or no longer extant domains that can be or have been picked up by others. This extension\nis useful for reminding webmasters to update such certs.\n\n## Building the extension\n\nYou can build the directory using the following commands (on Linux):\n\n```\ngit clone git@github.com:seisvelas/SAN-Scanner.git\ncd SAN-Scanner/\ngradle build\n```\n\nThat's it! The .jar will be created in `build/libs/SAN\\ Scanner.jar`, which you can load into Burp Extender.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseisvelas%2FSAN-Scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fseisvelas%2FSAN-Scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fseisvelas%2FSAN-Scanner/lists"}