CloudFail is an authentication tool that aims to gather information about a page protected by Cloudflare in hopes of finding out the real address of the server. Using Tor to hide all your requests, CloudFail already has 3 different attack phases.
- Incorrect DNS scan configuration using DNSDumpster.com.
- Scanning a database on Crimeflare.com.
- Bruteforce option that scans over 2500 subdomains.
Installation in Kali / Debian
First we need to install pip3 for python3 dependencies:
$ sudo apt-get install python3-pip
Next, we can perform dependency checks:
$ pip3 install -r requirements.txt
If this fails due to a lack of installation tools, run the following command:
sudo apt-get install python3-setuptools
To perform a scan on a target run the command:
python3 cloudfail.py --target seo.com
To perform a scan on a target using Tor run the command:
service tor start
(or if you are using Windows or Mac install vidalia or just run the Tor browser)
python3 cloudfail.py --target seo.com --tor
Make sure you are running the program with Python3 and not Python2.
You can download the program from here.
Follow us on Google News