m0rtem / CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
β2,268Updated 9 months ago
Alternatives and similar repositories for CloudFail:
Users that are interested in CloudFail are comparing it to the libraries listed below
- π Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.β2,654Updated 7 months ago
- Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies foβ¦β1,210Updated 2 years ago
- File upload vulnerability scanner and exploitation tool.β3,154Updated last year
- A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)β3,220Updated 3 weeks ago
- Generates permutations, alterations and mutations of subdomains and then resolves themβ2,358Updated last week
- Knock Subdomain Scanβ3,915Updated 2 months ago
- A Tool for Domain Flyoversβ5,694Updated 2 years ago
- HTTP parameter discovery suite.β5,376Updated last month
- DNS Enumeration Scriptβ2,689Updated this week
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,106Updated 2 months ago
- A python script that finds endpoints in JavaScript filesβ3,789Updated 9 months ago
- Bruteforcing from various scanner output - Automatically attempts default creds on found services.β2,069Updated this week
- A curated list of amazingly awesome Burp Extensionsβ3,040Updated 2 months ago
- Automated NoSQL database enumeration and web application exploitation tool.β2,980Updated 5 months ago
- Find web directories without bruteforceβ1,788Updated last year
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scannerβ1,730Updated 2 years ago
- Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applicationsβ¦β1,239Updated 4 months ago
- Abusing Certificate Transparency logs for getting HTTPS websites subdomains.β1,987Updated last year
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.β5,450Updated 2 weeks ago
- Detect and bypass web application firewalls and protection systemsβ2,704Updated 5 months ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, suβ¦β3,376Updated 11 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,106Updated 2 weeks ago
- Advanced vulnerability scanning with Nmap NSEβ3,522Updated 4 months ago
- A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.β1,560Updated last month
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug huβ¦β2,040Updated 6 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies andβ¦β3,711Updated 3 years ago
- Striker is an offensive information and vulnerability scanner.β2,243Updated last year
- A DNS meta-query spider that enumerates DNS records, and subdomains.β3,377Updated 3 years ago
- Weaponized web shellβ3,234Updated 3 months ago
- Fetch all the URLs that the Wayback Machine knows about for a domainβ3,639Updated 8 months ago