Show HN: SNItch – fuzz the TLS SNI field to discover hidden virtual hosts

Category: security

Tags: tls, sni-fuzzing, host-discovery, security-audit, reconnaissance

Score: 6.8/10 (Innovation: 6, Technical: 7, Documentation: 7, Utility: 7)

SNItch fuzzes the TLS SNI field in ClientHello messages to discover hidden virtual hosts, bypassing limitations of HTTP-layer tools like ffuf and gobuster. Its iterative discovery process combining certificate extraction, CT log queries, and DNS cross-validation makes it a specialized but powerful recon tool for security assessments. The project is technically solid and well-documented, filling a known gap in TLS-layer host enumeration.

Target audience: security engineers, penetration testers, devops

Repository: https://github.com/cirosec/SNItch · Go · AGPL-3.0 · 1 stars

View on Hacker News