Automic VaultAutomic Vault

brew

Install gsan with Homebrew, Nix

Extract subdomains from SSL certificates in HTTPS sites. Version 5.0.0 via Homebrew; verified 2026-06-21.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install gsan

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#gsan

nixpkgs package indexes · pkgs/by-name/gs/gsan/package.nix · source: api.github.com

overview

Package summary

Extract subdomains from SSL certificates in HTTPS sites

Commands and aliases

  • gsan

history

Project history and usage

GSAN, from the getaltname project, is a small reconnaissance CLI for extracting Subject Alternative Names from HTTPS certificates. Its distinctive point is that it connects directly to servers rather than relying on Certificate Transparency logs.

Project history

The GitHub repository was created in November 2017, and early releases appeared in March 2018. The release stream moved quickly through 0.x and 1.x versions in 2018, reached 3.x during 2018 and 2019, published 4.2.3 in October 2020, and published 5.0.0 in August 2024.

The README and GitHub Pages site present a focused tool: pass a domain or pipe domain and IP:PORT lists into `gsan`, extract DNS names from the certificate SAN extension, and optionally write output for other tools.

Adoption history

GSAN's adoption evidence is narrow but clear: it is packaged for Homebrew and Nix and documented for pipx and Docker use. Its audience is security practitioners doing subdomain enumeration, especially in cases where direct certificate inspection is useful for internal servers, self-signed certificates, or targets not covered by public Certificate Transparency logs.

How it is used

Basic usage is `gsan example.com`, producing the SAN DNS names found in the HTTPS certificate. The documentation also shows piping many targets with xargs, using Docker, combining results from Shodan, applying timeouts, writing an output file, and passing that output to Nmap.

Why package nerds care

GSAN is package-manager interesting as a tiny Python security CLI whose value comes from composing with other tools. It takes certificate metadata, emits target lists, and fits into Unix pipelines with Shodan, xargs, Docker, and Nmap.

Timeline

  • 2017: GitHub repository created.
  • 2018: 0.2.0 through 2.0.0 releases published in March.
  • 2018: 3.0.3 release published in July.
  • 2019: 3.0.13 and v3.0.14 releases published.
  • 2020: v4.2.3 release published.
  • 2024: v5.0.0 release published.

Related projects

  • Shodan is shown in the README as a source of HTTPS targets for GSAN.
  • Nmap is shown as a downstream consumer of GSAN output files.
  • Certificate Transparency log tools are related but differ from GSAN's direct TLS-connection approach.

security posture

Risk level: blue

broad file, network, media, or database tool signal.

Risk classifier

blue risk · medium confidence · tool

Why

  • broad file, network, media, or database tool signal

Signals

  • text:http

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 1 platform targets.
  • Installs with 2 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
gsancliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version5.0.0
manager updated2026-06-21
local dataok
upstreamnot checked
latest detectednot detected

https://franccesco.github.io/getaltname/

install metadata

Package metadata

Package keybrew:gsan
Version5.0.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/gsan
Homepagehttps://franccesco.github.io/getaltname/
Repositoryhttps://github.com/franccesco/getaltname
Upstream docshttps://franccesco.github.io/getaltname
LicenseMIT
Source archivehttps://files.pythonhosted.org/packages/73/0c/1fc5a29ae79fd74f0fd54d2c4d487b8cf7b21ede08efe99a6c39977816c6/gsan-5.0.0.tar.gz
Last updated2026-06-21T14:25:28Z
Pulseupdated
Dependenciescryptography, python@3.14
Bottleavailable (on all)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namegsan
Version Scheme0
Revision5
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

gsan

nix profile install nixpkgs#gsan
  • normalized package name match
  • Matched by: Gsan
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/gs/gsan/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment