Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
β2,528Mar 26, 2024Updated last year
Alternatives and similar repositories for CloudFail
Users that are interested in CloudFail are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- π Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.β2,940May 1, 2025Updated 10 months ago
- Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies foβ¦β1,274Sep 5, 2022Updated 3 years ago
- A Tool for Domain Flyoversβ5,912May 22, 2022Updated 3 years ago
- Attack Surface Management Platformβ9,466Feb 15, 2026Updated last month
- discontinuedβ527Aug 17, 2023Updated 2 years ago
- XRay is a tool for recon, mapping and OSINT gathering from public networks.β2,293Jul 10, 2024Updated last year
- An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the rβ¦β3,237Nov 20, 2025Updated 4 months ago
- Knock Subdomain Scanβ4,148Feb 19, 2026Updated last month
- A python script that finds endpoints in JavaScript filesβ4,300Apr 13, 2024Updated last year
- A swiss army knife for pentesting networksβ9,100Dec 6, 2023Updated 2 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environmentsβ1,213Sep 14, 2020Updated 5 years ago
- File upload vulnerability scanner and exploitation tool.β3,305May 8, 2025Updated 10 months ago
- HTTP parameter discovery suite.β6,142Feb 20, 2025Updated last year
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,022Dec 11, 2025Updated 3 months ago
- A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)β3,550Jul 21, 2025Updated 8 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,660Jan 5, 2026Updated 2 months ago
- Fast passive subdomain enumeration tool.β13,283Updated this week
- Generates permutations, alterations and mutations of subdomains and then resolves themβ2,477Jan 9, 2025Updated last year
- Detect and bypass web application firewalls and protection systemsβ2,875Aug 11, 2024Updated last year
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scannerβ1,920Apr 13, 2022Updated 3 years ago
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, alβ¦β1,284Aug 18, 2025Updated 7 months ago
- Most advanced XSS scanner.β14,822Apr 26, 2025Updated 10 months ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Toolβ4,125Apr 21, 2024Updated last year
- Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulnsβ1,560Nov 14, 2023Updated 2 years ago
- CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.β629Oct 16, 2018Updated 7 years ago
- Web path scannerβ14,084Mar 16, 2026Updated last week
- Fast subdomains enumeration tool for penetration testersβ10,855Aug 2, 2024Updated last year
- Automated NoSQL database enumeration and web application exploitation tool.β3,245Feb 20, 2026Updated last month
- Automated All-in-One OS Command Injection Exploitation Toolβ5,675Mar 16, 2026Updated last week
- Cloudflare, Sucuri, Incapsula real IP tracker.β1,769Jul 25, 2023Updated 2 years ago
- Automatic SSRF fuzzer and exploitation toolβ3,505Sep 4, 2025Updated 6 months ago
- Cloudflare DNS Enumeration Tool for Pentestersβ523Aug 6, 2022Updated 3 years ago
- Exploitation Framework for Embedded Devicesβ13,028Mar 2, 2026Updated 2 weeks ago
- Striker is an offensive information and vulnerability scanner.β2,322Jun 4, 2023Updated 2 years ago
- Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentialβ¦β2,383Updated this week
- A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricksβ1,454Nov 3, 2018Updated 7 years ago
- Web application fuzzerβ6,445Jan 21, 2026Updated 2 months ago
- In-depth attack surface mapping and asset discoveryβ14,282Updated this week
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,592Feb 8, 2025Updated last year