A penetration tester wants to query Certificate Transparency logs to find all SSL/TLS certificates issued for a target domain, which may reveal subdomains. Which tool or website is specifically designed for this purpose?
crt.sh queries Certificate Transparency logs for certificates.
Why this answer
crt.sh is a website that queries Certificate Transparency logs and returns certificates for a domain, often revealing subdomains. Shodan and Censys also provide certificate data but crt.sh is focused on CT logs. Let's Encrypt is a CA, not a log query tool.