https://github.com/thescriptguy/pinned-certificate-hostnames

A curated list of hostnames that use certificate pinning to prevent decryption
https://github.com/thescriptguy/pinned-certificate-hostnames

Last synced: 12 months ago
JSON representation

A curated list of hostnames that use certificate pinning to prevent decryption

• Host: GitHub
• URL: https://github.com/thescriptguy/pinned-certificate-hostnames
• Owner: TheScriptGuy
• Created: 2024-02-07T23:15:58.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2025-05-26T02:37:12.000Z (about 1 year ago)
• Last Synced: 2025-05-26T03:54:46.921Z (about 1 year ago)
• Language: Python
• Size: 460 KB
• Stars: 3
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md

Awesome Lists containing this project

README

          
# :pushpin: :lock: Certificate :pushpin: :lock:

A repository for known pinned certificates hostnames out on the internet.

# tl;dr

Download the file relevant to your needs:

Hosted on Cloudflare:

* The [compiled-with-comments.txt](https://files.nolanrumble.com/pinned-certificates/compiled-with-comments.txt) file contains the headers and hostnames to help navigate the list.

* The [compiled-without-comments.txt](https://files.nolanrumble.com/pinned-certificates/compiled-without-comments.txt) file contains only the hostnames.

* The [panw-compiled-without-comments.txt](https://files.nolanrumble.com/pinned-certificates/panw-compiled-without-comments.txt) file contains only the hostnames and specific for Palo Alto Networks devices.

* The [file-validation.hash](https://files.nolanrumble.com/pinned-certificates/file-validation.hash) file contains a sha256 hash of the 3 text files above.

# Directory Structure

```

data/

  -> category/

     -> application-name/

        -> hostnames

        -> header

```

* The `hostnames` file contains a list of known hostnames that use certificate pinning

* The `header` file contains a header that is appended into the `compiled.txt` file when compilation of all contents of the data parsed.

# Contributions

If you would like to contribute to this list, please feel to create a pull request and submit the following information to support the request:

* Vendor

* Application Name

* Application Category - ideally use one of the existing categories defined, but opent to creating a new one.

* Public URL (if applicable) that mentions pinned certificate hostnames or wildcard domains.

* (Optional/Preferred) Wireshark capture showing the TLS handshake failing and the Fatal error. Need to see the hostname being established in the handshake to make a correlation.