LeeBrotherston/badflare LeeBrotherston/badflare

  • Stars
    star
    132
  • Rank 274,205 (Top 6 %)
  • Language
    Go
  • License
    Other
  • Created over 2 years ago
  • Updated 7 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
LeeBrotherston/badflare
github

LeeBrotherston

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly locked down

badflare

OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly configured

Pardon?

Cloudflare provides protection to it's customers, however this is predicated on those customers locking their environment to only be accessible to Cloudflare. Direct access to services circumvents this protection, and can de-anonymise the location of the service.

Many people opt to use simple obfuscation, specifically, no DNS pointing to the real host, rather than truely locking down their environment. This leaves the host vulnerable to attack if it's true IP address can be discovered, thus bypassing Cloudflare protection.

Hence badflare

Badflare attempts to discover poorly configured hosts. Simply provide your shodan API key on the commandline or as the env var SHODAN_API and run the command in form:

badflare -h host.this_is_my_victim.com

Building

This is a simple go tool so you can either clone this repo and build using:

go build

More Repositories

1

tls-fingerprinting

TLS Fingerprinting
C
372
star
2

snort

Snort Rules
C
17
star
3

tlsProxy

Go
5
star
4

dactyloscopy

My stab at a TLS Fingerprinting package for golang
Go
5
star
5

fptls_collector

Simple Collector based on FingerprinTLS
C
2
star
6

kludge

Potentially useful, but kludgy scripts. Use at your own risk, etc.
Python
1
star
7

leecence

Just a repo to try out writing some opensource licences
1
star