{"id":19199779,"url":"https://github.com/gwen001/cloudflare-origin-ip","last_synced_at":"2025-04-05T22:07:07.503Z","repository":{"id":65303574,"uuid":"563566907","full_name":"gwen001/cloudflare-origin-ip","owner":"gwen001","description":"Try to find the origin IP of a webapp protected by Cloudflare.","archived":false,"fork":false,"pushed_at":"2024-08-08T17:28:18.000Z","size":688,"stargazers_count":341,"open_issues_count":4,"forks_count":67,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-29T21:04:24.906Z","etag":null,"topics":["bugbounty","cloudflare","ips","pentesting","python","security-tools","webapp"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gwen001.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["gwen001"],"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2022-11-08T22:01:39.000Z","updated_at":"2025-03-18T02:51:06.000Z","dependencies_parsed_at":"2024-12-15T19:04:21.324Z","dependency_job_id":"a9d66a50-dd7e-49c7-b3dd-27afe170274b","html_url":"https://github.com/gwen001/cloudflare-origin-ip","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gwen001%2Fcloudflare-origin-ip","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gwen001%2Fcloudflare-origin-ip/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gwen001%2Fcloudflare-origin-ip/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gwen001%2Fcloudflare-origin-ip/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gwen001","download_url":"https://codeload.github.com/gwen001/cloudflare-origin-ip/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247406089,"owners_count":20933803,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","cloudflare","ips","pentesting","python","security-tools","webapp"],"created_at":"2024-11-09T12:28:56.537Z","updated_at":"2025-04-05T22:07:07.481Z","avatar_url":"https://github.com/gwen001.png","language":"Python","funding_links":["https://github.com/sponsors/gwen001"],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003ecloudflare-origin-ip\u003c/h1\u003e\n\n\u003ch4 align=\"center\"\u003eTry to find the origin IP of a webapp protected by Cloudflare.\u003c/h4\u003e\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/python-v3-blue\" alt=\"python badge\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/license-MIT-green\" alt=\"MIT license badge\"\u003e\n    \u003ca href=\"https://twitter.com/intent/tweet?text=https%3a%2f%2fgithub.com%2fgwen001%2fcloudflare-origin-ip%2f\" target=\"_blank\"\u003e\u003cimg src=\"https://img.shields.io/twitter/url?style=social\u0026url=https%3A%2F%2Fgithub.com%2Fgwen001%2Fcloudflare-origin-ip\" alt=\"twitter badge\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003c!-- \u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/stars/gwen001/cloudflare-origin-ip?style=social\" alt=\"github stars badge\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/watchers/gwen001/cloudflare-origin-ip?style=social\" alt=\"github watchers badge\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/forks/gwen001/cloudflare-origin-ip?style=social\" alt=\"github forks badge\"\u003e\n\u003c/p\u003e --\u003e\n\n---\n\n## Description\n\nThis Python tool compares the HTTP response of the given subdomain to HTTP responses of a list of IPs addresses. This list is based on:\n- subdomains supplied by the user\n- subdomains found on external sources\n- IPs found external sources\n\nThen, a score of similarity is calculated for each response using the Levenshtein algorithm.\n\n## Install\n\n```\ngit clone https://github.com/gwen001/cloudflare-origin-ip\ncd cloudflare-origin-ip\npip3 install -r requirements.txt\n```\n\nDepending the sources you want to use, you'll need to create environment variables:\n- Censys: `CENSYS_UID` and `CENSYS_SECRET`\n- SecurityTrails: `SECURITY_TRAILS_API_KEY`\n\n## Usage\n\n```\n$ python3 cloudflare-origin-ip.py \u003curl\u003e\n```\n\n```\nusage: cloudflare-origin-ip.py [-h] [-u URL] [-s SOURCE]\n\noptions:\n  -h, --help            show this help message and exit\n  -u URL, --url URL     url to test\n  -s SOURCE, --source SOURCE\n                        datas sources separated by coma, can be: censys,crtsh,securitytrails,local file\n\nExamples:\ncloudflare-origin-ip.py -u https://xxx.xxxxxxxxxxxx.xxx\ncloudflare-origin-ip.py -u https://xxx.xxxxxxxxxxxx.xxx -s censys,crtsh,securitytrails (default)\ncloudflare-origin-ip.py -u https://xxx.xxxxxxxxxxxx.xxx -s /home/local/ips.txt\ncloudflare-origin-ip.py -u https://xxx.xxxxxxxxxxxx.xxx -s censys,crtsh,/home/local/ips.txt,/home/local/subdomains.txt\n```\n\n## How it works\n\n1/ Performs a HTTP request to the URL provided, this is the reference request.\n\n2/ Grabs IPs using several sources:\n- censys (key required)\n- crtsh\n- securitytrails (key required)\n- local file\n\n3/ Performs a HTTP request to all IPs grabbed with the header `Host` setted to the subdomain of the reference request.\n\n4/ Compares the responses obtained with the response of the reference request using the `Levenshtein` algorithm.\n\n5/ Displays a score of similarity.\n\n---\n\n\u003cimg src=\"https://raw.githubusercontent.com/gwen001/cloudflare-origin-ip/main/preview.png\" /\u003e\n\n---\n\nFeel free to [open an issue](/../../issues/) if you have any problem with the script.  \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgwen001%2Fcloudflare-origin-ip","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgwen001%2Fcloudflare-origin-ip","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgwen001%2Fcloudflare-origin-ip/lists"}