CertificateScanner

3.0.0.0

Scan websites, IP addresses, or entire network ranges for SSL/TLS certificate details including expiration dates,
issuer information, and subject details. Supports HTTPS and LDAPS protocols with optional OS detection and reverse DNS lookup.

Features:
- Single site scanning
- Bulk file-based scanning  
- Network range scanning with CIDR notation
- Parallel processing
Scan websites, IP addresses, or entire network ranges for SSL/TLS certificate details including expiration dates,
issuer information, and subject details. Supports HTTPS and LDAPS protocols with optional OS detection and reverse DNS lookup.

Features:
- Single site scanning
- Bulk file-based scanning  
- Network range scanning with CIDR notation
- Parallel processing for network scans
- HTTPS and LDAPS certificate detection
- OS fingerprinting for certificate hosts
- Expiration filtering and monitoring
- CSV export with append functionality
- Email reporting capabilities
- Reverse DNS resolution (with optional custom DNS server)

Show more

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Script -Name CertificateScanner

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Package Details

Author(s)

  • Faris Malaeb

Tags

SSL Certificate Scan Network OS Detection DNS

Functions

Show-Help Show-Examples Get-ReverseDnsName ConvertTo-IPRange Test-TCPPort Get-OSTypeFromHost Get-LDAPSCertificate ScanSiteInformaiton Invoke-ParallelScan Get-ReverseDnsNameInternal Test-TCPPortInternal Get-OSTypeFromHostInternal Get-LDAPSCertificateInternal ScanSiteInformaitonInternal Apply-ExpirationFilter Save-Results SendMailToTheInternet

Dependencies

This script has no dependencies.

Release Notes

- Added -DnsServer parameter by user request. When used with -IncludeReverseDNS, this allows specifying a custom DNS server for all reverse lookup queries.
- Created a new robust helper function for reverse DNS lookups that uses Resolve-DnsName with an nslookup fallback.
- Integrated the custom DNS functionality across all scan types (Single, File, Network).
- Updated help and examples to reflect the new -DnsServer parameter.

FileList

Version History

Version Downloads Last updated
3.0.0.0 (current version) 4 8/16/2025
2.1.0.0 368 3/1/2024
2.0.0.0 14 2/28/2024
1.0.0.0 663 12/24/2021