COMPUTEST SURICAT

You will receive alerts for all subdomains of the domain you enter. We'll use your email address only to send you alerts and updates about this service. Those emails will contain an unsubscribe link for this service. By submitting this form you agree with our terms and conditions (see here).

Why this tool?

Certificate Authorities for SSL/TLS certificates don't receive much scrutiny from the public. Recent events around StartCom and WoSign (see below) have proven that things can go wrong unnoticed for a long time. Certificate Transparency as a technology provides the basis for improvement, but by itself is not usable for everyone. This service allows you to use Certificate Transparency to your advantage.

How does it work?

You enter a domain name and an email address where you'd like to receive alerts. We periodically scrape several Certificate Transparency servers (Google Aviator, Pilot and Rocketeer, Venafi), and search for your domain in those logs. If we find a match, we'll send you an alert with the certificate details and the certificate itself.

Where can I find more information?

• Certificate Transparency - certificate-transparency.org
• StartCom and WoSign - The Register
• Our research - Computest Blog 1 / Blog 2 / Blog 3