SNItch – fuzz the TLS SNI field to discover hidden virtual hosts
securitySNItch is a security tool that fuzzes the TLS Server Name Indication (SNI) field to discover hidden or non-indexed virtual hosts on a target server. It is designed for penetration testers and security researchers to uncover shadow IT, staging environments, or internal services that are not publicly linked. This is interesting because it reveals a common blind spot in attack surface management, where hosts are hidden behind a single IP but accessible via manipulated SNI values.
Cross-platform signals
You might also like
More in security
Open Cyber Threat Intelligence Platform
Tuta is an email service with a strong focus on security and privacy that lets you encrypt emails, contacts and calendar…
JWA, JWS, JWE, JWT, JWK, JWKS for Node.js, Browser, Cloudflare Workers, Deno, Bun, and other Web-interoperable runtimes
Cyber Security ALL-IN-ONE Platform