π Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
β2,955May 1, 2025Updated last year
Alternatives and similar repositories for CloudFlair
Users that are interested in CloudFlair are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare networkβ2,635Mar 26, 2024Updated 2 years ago
- HTTP parameter discovery suite.β6,312Feb 20, 2025Updated last year
- CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websitesβ¦β1,569Sep 1, 2023Updated 2 years ago
- Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies foβ¦β1,285Sep 5, 2022Updated 3 years ago
- A python script that finds endpoints in JavaScript filesβ4,386Apr 13, 2024Updated 2 years ago
- Virtual machines for every use case on DigitalOcean β’ AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,257Aug 14, 2024Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β1,081Mar 24, 2026Updated 2 months ago
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,732Feb 8, 2025Updated last year
- Automatic SSRF fuzzer and exploitation toolβ3,569Sep 4, 2025Updated 9 months ago
- Cloudflare, Sucuri, Incapsula real IP tracker.β1,781Jul 25, 2023Updated 2 years ago
- A Tool for Domain Flyoversβ5,941May 22, 2022Updated 4 years ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, suβ¦β3,755May 6, 2026Updated last month
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,981Mar 20, 2026Updated 3 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,095Apr 25, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- SSRF (Server Side Request Forgery) testing resourcesβ2,502Oct 12, 2024Updated last year
- Fetch all the URLs that the Wayback Machine knows about for a domainβ4,474May 1, 2024Updated 2 years ago
- DNS Takeover tool written in Goβ2,091Mar 16, 2026Updated 3 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,713May 15, 2026Updated last month
- Generates permutations, alterations and mutations of subdomains and then resolves themβ2,501Jan 9, 2025Updated last year
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β5,065Updated this week
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entβ¦β2,191Feb 23, 2026Updated 3 months ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!β2,674Jun 11, 2026Updated last week
- Rockyou for web fuzzingβ3,166Mar 11, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Hidden parameters discovery suiteβ2,066Sep 8, 2024Updated last year
- IP lookup by favicon using Shodanβ1,198Feb 5, 2025Updated last year
- Everything about Web Application Firewalls (WAFs) from Security Standpoint! π₯β7,505Mar 26, 2026Updated 2 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grepβ1,438Sep 13, 2024Updated last year
- Try to find the origin IP of a webapp protected by Cloudflare.β357Aug 8, 2024Updated last year
- β‘ Perform subdomain enumeration using the certificate transparency logs from Censys.β843May 1, 2025Updated last year
- Fast passive subdomain enumeration tool.β13,846May 27, 2026Updated 3 weeks ago
- Automation for javascript recon in bug bounty.β1,093Sep 9, 2023Updated 2 years ago
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,664May 1, 2025Updated last year
- End-to-end encrypted cloud storage - Proton Drive β’ AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,393Sep 30, 2024Updated last year
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web applicationβ5,067Dec 21, 2024Updated last year
- Server-Side Template Injection and Code Injection Detection and Exploitation Toolβ4,169Apr 21, 2024Updated 2 years ago
- A repository with 3 tools for pwn'ing websites with .git repositories availableβ4,151Jun 14, 2023Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,082Jan 2, 2024Updated 2 years ago
- Fetches javascript file from a list of URLS or subdomains.β852Jul 22, 2025Updated 10 months ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for β¦β3,782Updated this week