Every SSL/TLS certificate ever issued for this name, indexed from public CT logs.
| domain | status |
|---|---|
| api.offensive-security.comcrt.sh Let's Encrypt | expired 11mo ago |
| api.offensive-security.comcrt.sh Google Trust | expired 11mo ago |
| api.offensive-security.comcrt.sh Google Trust | expired 11mo ago |
| api.offensive-security.comcrt.sh Let's Encrypt | expired 1y ago |
| api.offensive-security.comcrt.sh Google Trust | expired 1y ago |
| api.offensive-security.comcrt.sh Google Trust | expired 1y ago |
| api.offensive-security.comcrt.sh Google Trust | expired 1y ago |
| api.offensive-security.comcrt.sh Unknown Issuer | expired 1y ago |
| api.offensive-security.comcrt.sh Let's Encrypt | expires in 22d |
| api.offensive-security.comcrt.sh Google Trust | expired 26d ago |
# Python
$ pip install ct-radar
$ ct-radar api.offensive-security.com | httpx -silent# Go
$ go install github.com/imfht/ct-radar-cli/cli@latest
$ ct-radar api.offensive-security.com | nucleiThis page lists every X.509 (SSL/TLS) certificate ever issued for api.offensive-security.com and its subdomains, as recorded in public Certificate Transparency (CT) logs. CT logs are an immutable, append-only record of every certificate issued by participating Certificate Authorities (CAs), as required by the major browsers since 2018.
Subdomain enumeration via CT logs is one of the highest-signal techniques in reconnaissance — every time a TLS certificate is issued, all Subject Alternative Names (SANs) on that certificate become public. Internal and forgotten subdomains regularly show up here days after they're set up.
To monitor api.offensive-security.com for newly-issued certificates in real-time (useful for detecting unauthorized issuance, phishing variants, or shadow IT) add it to your watchlist (Pro plan).