Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/damcraft/behindthecurtain
Firefox extension to find backend servers and more.
https://github.com/damcraft/behindthecurtain
Last synced: 19 days ago
JSON representation
Firefox extension to find backend servers and more.
- Host: GitHub
- URL: https://github.com/damcraft/behindthecurtain
- Owner: DAMcraft
- Created: 2024-03-18T20:55:33.000Z (9 months ago)
- Default Branch: master
- Last Pushed: 2024-03-20T19:53:42.000Z (9 months ago)
- Last Synced: 2024-10-19T14:59:24.843Z (2 months ago)
- Language: JavaScript
- Size: 25.4 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Behind the Curtain
A Firefox extension supposed to help you find the backend IP-Address of a website proxied by Cloudflare.
Also allows you to gather a lot more information about the website, like querying info from [crt.sh](https://crt.sh),
[Shodan](https://shodan.io) and [IP-API](https://ip-api.com).
On top of that, it also allows you to spoof the `Host` header of the request, which can be useful for pretending to
use a different domain, for example when bypassing some Cloudflare protections.## Download:
https://addons.mozilla.org/de/firefox/addon/behind-the-curtain/## Credits:
#### The logo
A big special thank you to Skittles (`@skitsy.` on Discord, [`@skitty_skits` on Twitter](https://twitter.com/skitty_skits))
for creating the logo for this extension, both the one with Cloudflare enabled and the one with Cloudflare disabled.#### MurmurHash3 library
I was reading the [Shodan blog on favicons](https://blog.shodan.io/deep-dive-http-favicon/) and I thought it would be
interesting to create a browser extension that would hash the favicon of the current page and then search for it on Shodan.
After I started working on this, I checked if someone made a js library for murmurhash3 and I found out that someone
already made a browser extension that does exactly what I wanted to do! The extension is called `favicon-hash-browser-extension`,
please check it out [here](https://github.com/michaelknap/favicon-hash-browser-extension), I only used the library for hashing from it:
https://github.com/michaelknap/favicon-hash-browser-extension/blob/main/src/lib/murmurhash3.js
This was after I did most code. I decided to implement it anyway, as I wanted to add a lot more to my extension anyway
than just hashing the favicon.