behindflare
Misconfiguration scanner
Reveals web service misconfigurations using CloudFlare as reverse proxy and WAF
This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
15 stars
1 watching
3 forks
Language: Go
last commit: about 2 years ago behindflarecloudflaregogolangpentest-toolpentesting
Related projects:
| Repository | Description | Stars |
|---|---|---|
 m0rtem/cloudfail | Reconnaissance tool that gathers information about a Cloudflare-protected target to discover its server location using misconfigured DNS and old database records. | 2,251 |
 digitaloptimizationgroup/cloudflare-edge-proxy | A Cloudflare worker script for enabling A/B testing and canary releases across multiple backends. | 73 |
 k4m4/cloudflare-detect | Detects whether a website is running behind Cloudflare | 23 |
 cbeuw/goquiet | Obfuscates Shadowsocks traffic to mimic HTTPS and evades deep packet inspection | 822 |
 nathanwaters/hasura-cloudflare-worker | A Cloudflare Worker that uses Facebook-based authorization and GraphQL proxy queries with Hasura | 18 |
 mindpointgroup/cloudfrunt | A tool for identifying misconfigured CloudFront domains to prevent domain hijacking | 347 |
 prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
 gitbookio/proxies-on-cloudflare | A toolkit for building Cloudflare Workers with high-level proxying primitives and routing capabilities | 91 |
| digitaloptimizationgroup/cloudflare-worker-preact-pwa | A proof-of-concept deployment of a PWA to a Cloudflare worker using Preact and Redux for dynamic server-side rendering | 64 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
 bishopfox/cloudfox | An open-source tool to help penetration testers gather information about cloud environments and identify potential vulnerabilities. | 1,983 |
 mortezabashsiz/cfscanner | A tool designed to scan millions of Cloudflare IP addresses and identify those compatible with CDNs. | 1,492 |
 spectralops/netz | Automated network scanner discovering internet-wide misconfigurations of network services. | 389 |
 aws-solutions/aws-waf-security-automations | Automates deployment of AWS WAF security rules to protect against common web-based attacks | 863 |
 anirudhbiyani/findmytakeover | Detects DNS record misconfigurations that could be exploited by attackers | 135 |