Kontrola : creating SSL expiry report

Kontrola is a a script that uses nmap to sweep a subnet looking for ports with SSL certs, then querying those certs to discover upcoming expiration dates. Besides discovery, it can also do more traditional tracking using a host based file that you provide

You can read more about this here

It is a way to take the guesswork of when certificates expire as its hard to track sometimes in large companies this can be done for external certificates as well as internal ones.

However it is more about getting the reports in a friendly report that everyone can read like this:


First you need to install it, I like Kali Linux, but choose your own poison there, once at the shell you need to run this to install it:

git clone https://github.com/philcryer/kontrola.git
cd kontrola

Once install, edit the domains.txt file, adding domains you want be checked, then run the script. simple.

./kontrola

If you are looking to scan internal addresses then you can do so with this command:

discovery="yes" discovery_subnet="10.10.0.0/32" ./kontrola 

Obviously substitute the subet range for the range you want it to scan.

Reports are outputted to the /html folder.
Previous Post Next Post

Ω†Ω…ΩˆΨ°Ψ¬ Ψ§Ω„Ψ§ΨͺΨ΅Ψ§Ω„