📄️ Certificate feed (TCF-0601)
The service provides a continuous list of certificates alongside the information about associated samples signed with the certificate(s). The feed output can be filtered by sample classification status - for example, it can return certificates that signed only malware samples (with samples being included). This is an easy way for a user to get valid and self-signed certificates that are being used in impersonation attempts.