{"id":29127984,"url":"https://github.com/yaelahrip/oritot","last_synced_at":"2026-05-14T23:37:44.255Z","repository":{"id":301888723,"uuid":"1010587647","full_name":"yaelahrip/Oritot","owner":"yaelahrip","description":"This open-source tool helps bug bounty hunters, red teamers, and cybersecurity researchers discover the origin IP address behind targets protected by CDNs and WAFs (e.g., Cloudflare, Akamai, etc.).","archived":false,"fork":false,"pushed_at":"2025-06-29T12:03:49.000Z","size":0,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-29T12:35:15.899Z","etag":null,"topics":["cloudflare","shodan","viewdns","wappalyzer"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yaelahrip.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-29T11:51:00.000Z","updated_at":"2025-06-29T12:05:44.000Z","dependencies_parsed_at":"2025-06-29T12:47:40.723Z","dependency_job_id":null,"html_url":"https://github.com/yaelahrip/Oritot","commit_stats":null,"previous_names":["yaelahrip/oritot"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/yaelahrip/Oritot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaelahrip%2FOritot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaelahrip%2FOritot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaelahrip%2FOritot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaelahrip%2FOritot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yaelahrip","download_url":"https://codeload.github.com/yaelahrip/Oritot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yaelahrip%2FOritot/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269338659,"owners_count":24400327,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-07T02:00:09.698Z","response_time":73,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","shodan","viewdns","wappalyzer"],"created_at":"2025-06-30T01:02:12.383Z","updated_at":"2026-05-14T23:37:44.207Z","avatar_url":"https://github.com/yaelahrip.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🕵️ Origin IP Finder - Bypass CDN/WAF with Node.js\n\nThis open-source tool helps **bug bounty hunters**, **red teamers**, and **cybersecurity researchers** discover the **origin IP address** behind targets protected by CDNs and WAFs (e.g., Cloudflare, Akamai, etc.).\n\n\u003e Designed for **educational** and **authorized security testing** only.\n\n---\n\n## 📦 Features\n\n- 🌐 Detect CDN/WAF provider (via wafw00f \u0026 Wappalyzer)\n- 🧠 Extract DNS history (ViewDNS \u0026 SecurityTrails)\n- 🎯 Discover servers using the same favicon (via Shodan hash search)\n- 🔍 Match SSL certificate CNs (via Censys)\n- 🛡 Check SPF, MX, and A records for clues\n- ✅ Verify real server IP using `/etc/hosts` and Nmap\n\n---\n\n\n## 🔧 Installation\n\n### 1. Clone the Project\n```bash\ngit clone https://github.com/your-username/origin-ip-finder.git\ncd origin-ip-finder\n```\n\n### 2. Install Dependencies\n```bash\nnpm install\n```\n\n\u003e Requires Node.js v16 or later\n\n### 3. Install `wafw00f`\n```bash\npip install wafw00f\n```\n\n---\n\n## 🔐 .env Configuration\n\nCreate a `.env` file in the project root:\n\n```env\n# Wappalyzer API Key\nWAPPALYZER_API_KEY=your_wappalyzer_api_key\n\n# ViewDNS API Key\nVIEWDNS_API_KEY=your_viewdns_api_key\n\n# Shodan API Key\nSHODAN_API_KEY=your_shodan_api_key\n```\n\n\u003e 🔑 You can get free-tier API keys from:\n\u003e - https://www.wappalyzer.com/api/\n\u003e - https://viewdns.info/api/\n\u003e - https://shodan.io/account\n\n---\n\n## 🚀 Usage\n\n### Basic Usage:\n```bash\nnode index.js -d example.com\n```\n\n### With SSL Certificate Verification:\n```bash\nnode index.js -d example.com --verify\n```\n\n---\n\n## 📌 Example Output\n```bash\n[~] Scanning domain: example.com\n[+] WAF Detection:\n  Is behind Cloudflare\n\n[+] Wappalyzer Tech Stack: Nginx, Google Analytics\n\n[+] ViewDNS History: 104.21.44.123, 172.67.218.45\n\n[+] Favicon mmh3 hash: 123456789\n[+] Shodan IPs: 104.21.44.123, 192.0.2.1\n\n[✓] SSL Cert info for 1.2.3.4:\nSubject CN: example.com\n```\n\n---\n\n## 📚 For Educational Purposes Only\n\nThis tool is intended **only for educational and lawful use**, such as:\n- Security research\n- Bug bounty hunting on authorized programs\n- CTFs and red team simulation\n\nUsing this tool against unauthorized targets **may violate laws**. Always get **explicit permission** before testing.\n\n---\n\n## 🪪 License\n\nMIT License © 2025 [yaelahrip] natnetnot\n\nSee the full `LICENSE` file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyaelahrip%2Foritot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyaelahrip%2Foritot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyaelahrip%2Foritot/lists"}