OpenProduct

SNItch – fuzz the TLS SNI field to discover hidden virtual hosts

security
Visit site
0
Tracked since 2026-06-11
Share
AI Summary

SNItch is a security tool that fuzzes the TLS Server Name Indication (SNI) field to discover hidden or non-indexed virtual hosts on a target server. It is designed for penetration testers and security researchers to uncover shadow IT, staging environments, or internal services that are not publicly linked. This is interesting because it reveals a common blind spot in attack surface management, where hosts are hidden behind a single IP but accessible via manipulated SNI values.

Cross-platform signals

Y
Hacker News
View
points
comments

You might also like

More in security