GithubHelp home page GithubHelp logo

yodatak / certificate-ripper Goto Github PK

View Code? Open in Web Editor NEW

This project forked from hakky54/certificate-ripper

0.0 0.0 0.0 12.77 MB

๐Ÿ” A CLI tool to extract server certificates

License: Apache License 2.0

Shell 4.00% Java 96.00%

certificate-ripper's Introduction

Actions Status Security Rating Coverage Apache2 license GitHub stars chart

SonarCloud

Certificate Ripper ๐Ÿ”

A CLI tool to extract server certificates

Demo

alt text

Advantages

  • It is fast
  • Easy to use
  • No openssl required
  • Runs on any Operating System
  • Can be used with or without Java, native executables are present in the releases
  • Extracts all the sub-fields of the certificate
  • Certificates can be formatted to PEM format
  • Bulk extraction of multiple different urls with a single command is possible
  • Extracted certificates can be stored automatically into a p12 truststore
  • Works also behind a proxy

Installing & Usage

Mac OS X - Homebrew ๐Ÿบ

brew tap hakky54/crip
brew install crip
crip print --url=https://stackoverflow.com/

Windows

  1. Download the latest binary here: Releases
  2. Extract the compressed file
  3. Start cmd and cd to the extracted file
  4. Run start /b "" "crip.exe" print --url=https://stackoverflow.com/

Linux

From Source

  1. Download the latest binary here: Releases
  2. Extract the compressed file
  3. Add the reference to your environment variables: export CRIP_HOME=/path/to/crip/binary
  4. Run crip print --url=https://stackoverflow.com/

Contributed/Unofficial Installation Methods

Arch-Linux (AUR)
  1. Install the certificate-ripper-bin AUR package
  2. Run crip print --url=https://stackoverflow.com/

Using Executable JAR

Minimum requirements:

  1. Java 8
  2. A terminal

Setup

  1. Download the latest JAR here: Releases
  2. Run it with java -jar crip.jar print --url=https://youtube.com/

CLI Options

Usage: crip [COMMAND]
Commands:
  print             Prints the extracted certificates to the console
  export p12        Export the extracted certificate to a PKCS12/p12 type truststore
  export jks        Export the extracted certificate to a JKS (Java KeyStore) type truststore
  export der        Export the extracted certificate to a binary form also known as DER
  export pem        Export the extracted certificate to a base64 encoded string also known as PEM
  
Usage: crip print
Prints the extracted certificates to the console
  -f, --format              To be printed certificate format. This option is not required. Default is human-readable.
  -u, --url                 Url of the target server to extract the certificates. Can be provided multiple times.

Usage: crip export pkcs12
Export the extracted certificate to a PKCS12/p12 type truststore
  -p, --password            TrustStore password. This option is not required. Default is changeit.
  -u, --url                 Url of the target server to extract the certificates. Can be provided multiple times.
  -d, --destination         Destination of the to be stored file. Default is current directory if none is provided.
      
Usage: crip export der
Export the extracted certificate to a binary form also known as DER
  -u, --url                 Url of the target server to extract the certificates. Can be provided multiple times.
  -c, --combined            Indicator to either combine all of the certificate into one file for a given url or export into individual files.
  -d, --destination         Destination of the to be stored file. Default is current directory if none is provided.

Usage: crip export pem
Export the extracted certificate to a base64 encoded string also known as PEM
  -u, --url                 Url of the target server to extract the certificates. Can be provided multiple times.
  -c, --combined            Indicator to either combine all of the certificate into one file for a given url or export into individual files.
  -d, --destination         Destination of the to be stored file. Default is current directory if none is provided.
      --include-header      Indicator to either omit or include additional information above the BEGIN statement.
      
Proxy options applicable for all commands
      --proxy-host          Proxy host
      --proxy-port          Proxy port
      --proxy-password      Password for authenticating the user for the given proxy
      --proxy-user          User for authenticating the user for the given proxy

Example usages

Single export

crip export pkcs12 -u=https://github.com

Bulk export

crip export pkcs12 \
-u=https://youtube.com \
-u=https://github.com \
-u=https://stackoverflow.com \
-u=https://facebook.com

Specify custom truststore destination path

crip export pkcs12 -u=https://github.com -d=/path/to/directory

Print in human-readable format

crip print -u=https://github.com

Print in PEM format

crip print -u=https://github.com -f=pem

Batch print in PEM format

crip print -f=pem \
-u=https://youtube.com \
-u=https://github.com \
-u=https://stackoverflow.com \
-u=https://facebook.com

Extracting behind a proxy

crip print -u=https://stackoverflow.com --proxy-host=my-host.com --proxy-port=1234 --proxy-user=foo --proxy-password

Combining certificates

crip export pem -u=https://github.com --combined=true

Defining custom file name

Works only with the combined option while only specifying a single url.

crip export pem -u=https://github.com --combined=true --destionation=/path/to/export/github-chain.crt

Contributing

There are plenty of ways to contribute to this project:

  • Give it a star
  • Share it with a Tweet
  • Submit a PR

certificate-ripper's People

Contributors

hakky54 avatar antiz96 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.