This tool is only for academic purposes and testing under controlled environments. Do not use without obtaining proper authorization from the network owner of the network under testing. The author bears no responsibility for any misuse of the tool.
CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases.
– Misconfigured DNS scan using DNSDumpster.com.
– Scan the Crimeflare.com database.
– Bruteforce scan over 2500 subdomains.
+ Python3 and modules: argparse, colorama, socket, binascii, datetime, requests
git clone https://github.com/m0rtem/CloudFail && cd CloudFail
python3 cloudfail.py -h
python3 cloudfail.py --target blah_blah.com --tor