This app scans a range of IP addresses for domains with TLS 1.3 and HTTP/2 (h2) enabled. It is designed to identify useful SNI (Server Name Indication) domains for various configurations and tests.
- Features
- Installation
- Usage
- Parameters
- Example Output
- Building from Source
- Ethical Usage
- Contribution
- License
| Feature | Description |
|---|---|
| TLS 1.3 and HTTP/2 | Scans for domains supporting TLS 1.3 and HTTP/2 to identify modern, secure configurations. |
| TLS Ping Display | Shows TLS Ping results for the scanned domains, helping assess response times. |
| Top Servers | Outputs the top servers based on the lowest ping values, useful for prioritizing fast servers. |
results.txt: Contains the detailed scan log.domains.txt: Contains only the discovered domain names.
Note: It is recommended to run this scanner locally (with your residential internet). Running a scanner in the cloud may cause VPS providers to flag your account.
Download the appropriate binary for your system architecture (amd64 or arm64).
- Download and set up the binary:
wget "https://github.com/v-kamerdinerov/SNI-Finder/releases/latest/download/SNI-Finder-$(uname -s | tr A-Z a-z)-amd64" -O SNI-Finder && chmod +x SNI-Finder
- Run the scanner:
./SNI-Finder -addr <ip-address>
- Download the binary from Releases.
- Open
CMDorPowershellin the download directory. - Run the scanner:
.\SNI-Finder-windows-amd64.exe -addr <ip-address>
Replace
<ip-address>with the IP address range you want to scan.
| Argument | Type | Default Value | Description |
|---|---|---|---|
-addr |
string | 0.0.0.0 |
The starting address for the scan. |
-num |
int | 10000 |
The number of IPs to scan. |
-o |
bool | true |
Enable or disable output to the results.txt file. |
-port |
string | 443 |
The port to scan. |
-showFail |
bool | false |
Show logs for failed scans. |
-thread |
int | 128 |
The number of threads to run in parallel for scanning. |
-timeOut |
int | 4 |
The scan timeout in seconds. |
-top |
int | 10 |
The number of top servers to display. |
Here’s a sample output for your reference:
2024-09-08 22:25:49 37.139.62.38:443 TLS v1.3 ALPN: h2 pixelproof.ru Ping: 22.315ms
2024-09-08 22:25:51 37.139.62.151:443 TLS v1.3 ALPN: h2 maelia.rs Ping: 34.011ms
2024-09-08 22:25:51 37.139.62.192:443 TLS v1.3 ALPN: h2 doterra-challenge.ru Ping: 22.68ms
2024-09-08 22:28:06 Scan completed.
Top servers by TLS Ping:
1: 37.139.41.28:443 TLS v1.3 ALPN: h2 jsdaddy.tech Ping: 3.121ms
2: 37.139.42.255:443 TLS v1.3 ALPN: h2 malyi-biznes.ru Ping: 3.496ms
3: 37.139.42.35:443 TLS v1.3 ALPN: h2 88date.co Ping: 3.797ms
4: 37.139.41.247:443 TLS v1.3 ALPN: h2 you-note.ru Ping: 3.804ms
5: 37.139.43.113:443 TLS v1.3 ALPN: h2 medvuza.ru Ping: 4.029ms
6: 37.139.40.192:443 TLS v1.3 ALPN: h2 xn--8f9ac.xn--p1ai Ping: 9.772ms
7: 37.139.42.68:443 TLS v1.3 ALPN: h2 mega74.ru Ping: 11.621ms
8: 37.139.62.38:443 TLS v1.3 ALPN: h2 pixelproof.ru Ping: 22.315ms
9: 37.139.62.192:443 TLS v1.3 ALPN: h2 doterra-challenge.ru Ping: 22.68ms
10: 37.139.62.151:443 TLS v1.3 ALPN: h2 maelia.rs Ping: 34.011ms
Install wget:
sudo apt install -y wgetRun this script to install Go and other dependencies (Debian & Ubuntu & RedOS $ RHEL):
wget "https://raw.githubusercontent.com/v-kamerdinerov/SNI-Finder/main/install-go.sh" -O install-go.sh && chmod +x install-go.sh && bash install-go.shTip: A system reboot is recommended after installation.
- Clone the repository:
git clone https://github.com/v-kamerdinerov/SNI-Finder.git
- Navigate into the repository directory:
cd SNI-Finder - Download and install the all required package:
go mod tidy
- Build the project:
CGO_ENABLED=0 go build
This tool is intended for educational and legitimate testing purposes only. Unauthorized scanning of networks without permission may violate laws and result in severe penalties. Use responsibly.
Contributions are welcome! Please fork the repository and submit a pull request. Make sure your code adheres to the existing style and is thoroughly tested.
This project is licensed under the MIT License. See the LICENSE file for details.