Cloudmare is a simple tool to find the origin servers of websites protected by Cloudflare, Sucuri, or Incapsula with a misconfigured DNS.
For more details about this common misconfiguration and how Cloudmare works, send me a private message.
Here's what Cloudmare looks like in action.
(The websites and the IP addresses in this example have been obfuscated)
- Clone the repository
git clone https://github.com/MrH0wl/Cloudmare.git
- Go to the folder
cd Cloudmare
python Cloudmare.py -h or python Cloudmare.py -hh
- Run Cloudmare (see Usage below for more detail)
python Cloudmare.py -u target.site --bruter -sC -sSh -sSt --host verified.site
(Remember to view -hh for more info about the arguments)
- pkg upgrade && pkg update
- pkg install git python libxml2 libxslt dnsutils
- git clone https://github.com/MrH0wl/Cloudmare.git
- cd Cloudmare
- python Cloudmare.py -h or python Cloudmare.py -hh
Note: Be patient if the script requires to install modules.
Tested on Python>=3.7 (don't use Python 2 anymore), working on Linux and Windows. Feel free to open an issue if you have bug reports or questions. If you want to collaborate, you're welcome.
If you want Cloudmare to be updated more frequently with many more features, you can donate to help make this happen.
✉️Email: [email protected]
🐦Twitter: @mrh0wl
📷Instagram: @mrh0wl