m0rtem / CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
β2,243Updated 7 months ago
Related projects β
Alternatives and complementary repositories for CloudFail
- π Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.��β2,618Updated 5 months ago
- Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies foβ¦β1,198Updated 2 years ago
- File upload vulnerability scanner and exploitation tool.β3,053Updated last year
- Bruteforcing from various scanner output - Automatically attempts default creds on found services.β2,043Updated last week
- Detect and bypass web application firewalls and protection systemsβ2,667Updated 3 months ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug huβ¦β2,014Updated 4 months ago
- Striker is an offensive information and vulnerability scanner.β2,234Updated last year
- Find web directories without bruteforceβ1,772Updated last year
- Generates permutations, alterations and mutations of subdomains and then resolves themβ2,333Updated 6 months ago
- A Tool for Domain Flyoversβ5,644Updated 2 years ago
- A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)β3,173Updated 8 months ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.β5,300Updated last month
- Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulnsβ1,466Updated last year
- A python script that finds endpoints in JavaScript filesβ3,724Updated 7 months ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, suβ¦β3,332Updated 9 months ago
- Knock Subdomain Scanβ3,883Updated this week
- DNS Enumeration Scriptβ2,641Updated this week
- A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.β1,528Updated last year
- Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoorβ2,224Updated 6 months ago
- HTTP parameter discovery suite.β5,280Updated 2 weeks ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β4,996Updated 3 weeks ago
- CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSsβ2,328Updated 7 months ago
- Potentially dangerous filesβ2,888Updated 3 weeks ago
- The XSS Hunter service - a portable version of XSSHunter.comβ1,491Updated last year
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.β1,906Updated 3 weeks ago
- Subdomain enumeration and information gathering toolβ1,201Updated 3 weeks ago
- Automated All-in-One OS Command Injection Exploitation Tool.β4,613Updated this week
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scannerβ1,699Updated 2 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies andβ¦β3,684Updated 3 years ago
- Attack Surface Management Platformβ8,132Updated 3 weeks ago