GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ alebeta90 β†’ behindflare

alebeta90 / behindflare

Licence: AGPL-3.0 license
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF

Programming Languages

go
31211 projects - #10 most used programming language

Labels

cloudflarepentestingpentest-toolbehindflare

Projects that are alternatives of or similar to behindflare

Cloudflair
πŸ”Ž Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
Stars: ✭ 1,176 (+8300%)
Mutual labels:  cloudflare, pentest-tool
HostSpider
Domain information gathering tool
Stars: ✭ 61 (+335.71%)
Mutual labels:  cloudflare
polynimbus
Multi-cloud infrastructure inventory and management tool, supporting AWS, Google Cloud, Azure, Oracle Cloud, Rackspace Cloud, Hetzner Cloud, Alibaba Cloud, e24cloud.com, Linode, Cloudflare, GoDaddy and Backblaze B2.
Stars: ✭ 70 (+400%)
Mutual labels:  cloudflare
cloudflare-ddns-updater
Dynamic DNS (DDNS) service based on Cloudflare! Access your home network remotely via a custom domain name without a static IP! Written in pure BASH~
Stars: ✭ 434 (+3000%)
Mutual labels:  cloudflare
Nightingale
It's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+750%)
Mutual labels:  pentest-tool
telegram-bot-api-worker
Take an alternate route to Telegram Bot API :)
Stars: ✭ 75 (+435.71%)
Mutual labels:  cloudflare
Bifrost
Bifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (+164.29%)
Mutual labels:  pentest-tool
ObsidianSailboat
Nmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (+157.14%)
Mutual labels:  pentest-tool
MailRipV3
SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (+100%)
Mutual labels:  pentest-tool
ubnt-cloudflared
Install Cloudflare's DNS proxy on UBNT gateways
Stars: ✭ 22 (+57.14%)
Mutual labels:  cloudflare
FlareSolverrSharp
FlareSolverr .Net / Proxy server to bypass Cloudflare protection
Stars: ✭ 62 (+342.86%)
Mutual labels:  cloudflare
silverstripe-cloudflare
This module aims to relieve the stress of using CloudFlare caching with any SilverStripe project. Adds extension hooks that clears CloudFlares cache for a specific page when that page is published or unpublished
Stars: ✭ 23 (+64.29%)
Mutual labels:  cloudflare
sunny
Automatically purge Cloudflare cache, including cache everything rules.
Stars: ✭ 35 (+150%)
Mutual labels:  cloudflare
cloudflare-dns-action
A GitHub action to set a DNS record using Cloudflare on push to the master branch.
Stars: ✭ 41 (+192.86%)
Mutual labels:  cloudflare
ss-v2ray-docker
Deprecated: please use https://hub.docker.com/r/mazy/ss-xray
Stars: ✭ 28 (+100%)
Mutual labels:  cloudflare
ARL-NPoC
ι›†ζΌζ΄žιͺŒθ―ε’Œδ»»εŠ‘θΏθ‘Œηš„δΈ€δΈͺζ‘†ζžΆ
Stars: ✭ 73 (+421.43%)
Mutual labels:  pentest-tool
transportc2
PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Stars: ✭ 22 (+57.14%)
Mutual labels:  pentest-tool
natural
Fastest Framework for NodeJS. Written in pure ES6+
Stars: ✭ 30 (+114.29%)
Mutual labels:  cloudflare
awesome-pentest-tools
List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (+142.86%)
Mutual labels:  pentest-tool
CloudflareSpeedTest
πŸŒ©γ€Œθ‡ͺι€‰δΌ˜ι€‰ IP」桋试 Cloudflare CDN ε»ΆθΏŸε’Œι€ŸεΊ¦οΌŒθŽ·ε–ζœ€εΏ« IP (IPv4 / IPv6)οΌε¦ε€–δΉŸζ”―ζŒε…Άδ»– CDN / 网站 IP ~
Stars: ✭ 5,092 (+36271.43%)
Mutual labels:  cloudflare
View All Similar Projects βž”

Behindflare

This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF.

Problem

Most of CloudFlare users believe, that just setting up the reverse proxy which ensures security protection, will secure their back-end servers. This group of users are not aware that the attacker can find access to the back-end servers if he finds their IP addresses. There are plenty of passive and active techniques that can lead you to get the IP address of the Web App server.

Service

If you would like to protect your servers against this kind of attack you can contact us at Gonkar IT Security LTD

Usage

./behindflare -h
Usage of ./behindflare:
  -domain string
    	Domain target (default "example.com")
  -jobs int
    	Number of parallel jobs (default 20)
  -proto string
    	The protocol used by the site behind CF (default "http")
  -subnet string
    	Subnet to scan (default "192.168.0.1/24")

Disclaimer

This tool had been developed for research and educational purpose. Its usage for illegal actions is against creator will.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].