Warflop / Cloudbunny
Licence: mit
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Cloudbunny
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+42.49%)
Mutual labels: proxy, waf, bypass
Aboutsecurity
A list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-39.19%)
Mutual labels: pentest, bypass
Penta
Open source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-52.38%)
Mutual labels: pentest, shodan
Build
TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
Stars: ✭ 656 (+140.29%)
Mutual labels: proxy, waf
Dorknet
Selenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-6.23%)
Mutual labels: proxy, pentest
Collection Document
Collection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+408.06%)
Mutual labels: pentest, waf
Reconspider
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+127.47%)
Mutual labels: pentest, shodan
Hackers Tool Kit
Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (-22.71%)
Mutual labels: proxy, pentest
Doxycannon
A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (-20.88%)
Mutual labels: proxy, pentest
Pentest Guide
Penetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+382.05%)
Mutual labels: pentest, bypass
Vxscan
python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Stars: ✭ 1,244 (+355.68%)
Mutual labels: pentest, waf
Shodan Dorks
Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-56.78%)
Mutual labels: pentest, shodan
Nac bypass
Script collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-71.06%)
Mutual labels: pentest, bypass
Searpy
🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-61.9%)
Mutual labels: shodan, pentest
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+11954.58%)
Mutual labels: pentest, bypass
HellgateLoader CSharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-73.26%)
Mutual labels: pentest, bypass
CloudBunny
CloudBunny is a tool to capture the origin server that uses a WAF as a proxy or protection.
You can read more about the tool here: https://tinyurl.com/y8p48wb3
How works
In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To use the tools you need the API Keys, you can pick up the following links:
Shodan - https://account.shodan.io/ Censys - https://censys.io/account/api ZoomEye - https://www.zoomeye.org/profile
NOTE: In Zoomeye you need to enter the login and password, it generates a dynamic api key and I already do this work for you. Just enter your login and password.
After that you need to put the credentials in the api.conf file.
Install the requirements:
$ sudo pip install -r requirements.txt
Usage
By default the tool searches on all search engines (you can set this up by arguments), but you need to put the credentials as stated above. After you have loaded the credentials and installed the requirements, execute:
$ python cloudbunny.py -u securityattack.com.br
Check our help area:
$ python cloudbunny.py -h
Change securityattack.com.br for the domain of your choice.
Example
$ python cloudbunny.py -u site_example.com.br
/| __
/ | ,-~ /
Y :| // /
| jj /( .^
>-"~"-v"
/ Y
jo o |
( ~T~ j
>._-' _./
/ "~" |
Y _, |
/| ;-"~ _ l
/ l/ ,-"~ \
\//\/ .- \
Y / Y*
l I !
]\ _\ /"\
(" ~----( ~ Y. )
~~~~~~~~~~~~~~~~~~~~~~~~~~
CloudBunny - Bypass WAF with Search Engines
Author: Eddy Oliveira (@Warflop)
https://github.com/Warflop
[+] Looking for target on Shodan...
[+] Looking for target on Censys...
[+] Looking for certificates on Censys...
[+] Looking for target on ZoomEye...
[-] Just more some seconds...
+---------------+------------+-----------+----------------------------+
| IP Address | ISP | Ports | Last Update |
+---------------+------------+-----------+----------------------------+
| 55.14.232.4 | Amazon.com | [80, 443] | 2018-11-02T16:02:51.074543 |
| 54.222.146.40 | Amazon.com | [80] | 2018-11-02T10:16:38.166829 |
| 18.235.52.237 | Amazon.com | [443, 80] | 2018-11-08T01:22:11.323980 |
| 54.237.93.127 | Amazon.com | [443, 80] | 2018-11-05T15:54:40.248599 |
| 53.222.94.157 | Amazon.com | [443, 80] | 2018-11-06T08:46:03.377082 |
+---------------+------------+-----------+----------------------------+
We may have some false positives :)
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].