YoVDO

CertGraph - A Tool to Crawl the Graph of SSL Certificate Alternate Names Using Certificate Transparency

Offered By: 0xdade via YouTube

Tags

ShmooCon Courses Cybersecurity Courses Network Security Courses System Administration Courses SSL Certificates Courses Certificate Authorities Courses Certificate Transparency Courses

Course Description

Overview

Explore the world of SSL certificates and Certificate Transparency in this 23-minute conference talk by Ian Foster. Dive into the unintended privacy implications of Certificate Transparency for both end-users and organizations. Learn about CertGraph, a new tool for uncovering and enumerating domains hidden in SSL certificate Alternative Names. Discover how CertGraph crawls internet-accessible certificates through exposed hosts and Certificate Transparency logs, creating visual graphs of certificates and domains. Gain insights into identifying internal and public domains, host enumeration, and misconfigured SSL certificates. Understand the background of Certificate Transparency, its importance in solving trust issues with Certificate Authorities, and how to protect yourself and your organization from potential privacy risks.

Syllabus

Introduction
Overview
Alt Names
Obtaining a Certificate
What happens if a Certificate Authority misbehaves
DigiNotar
Symantec
Certificate Transparency
Time Life
How it works
Emergency logs
DNS record
Expect certificate
Search engines
CertGraph
Web Interface
CDN


Taught by

0xdade

Related Courses

An Introduction to Computer Networks
Stanford University via Independent
Computer Networks
University of Washington via Coursera
Computer Networking
Georgia Institute of Technology via Udacity
Cybersecurity and Its Ten Domains
University System of Georgia via Coursera
Model Building and Validation
AT&T via Udacity