CloudFail: find hidden IP’s behind the CloudFlare network – Penetration Testing

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases.

Misconfigured DNS scan using DNSDumpster.com.

Scan the Crimeflare.com database.

Bruteforce scan over 2500 subdomains.

Disclaimer

This tool is only for academic purposes and testing under controlled environments. Do not use without obtaining proper authorization from the network owner of the network under testing. The author bears no responsibility for any misuse of the tool.

Installation

git clone http://ift.tt/2trqNcv

pip3 install argparse colorama socket binascii datetime requests

Usage

To run a scan against a target:

python cloudfail.py –target seo.com

To run a scan against a target using Tor:

service tor start

(or if you are using Windows or Mac install vidalia or just run the Tor browser)

python cloudfail.py –target seo.com –tor

Source: Github

The post CloudFail: find hidden IP’s behind the CloudFlare network appeared first on Penetration Testing.

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s