Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zidansec/CloudPeler

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
https://github.com/zidansec/CloudPeler

bypass-cloudflare bypass-hostname bypass-waf cloudflare crimeflare crimeflare-next-generation crimepeler dns-security exploit hack-tool information-gathering osint-tool penetration-testing pentest-tool security-tools

Last synced: about 1 month ago
JSON representation

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.

Awesome Lists containing this project

README 

        


  






	


  


	
CrimeFlare is back again! This tools can help you to see the real IP behind CloudFlare protected websites


	

	


	

	

  

	

  


	

	

	

  


	


	
Donation for project development


	


	




## Introduction



> This tool serves to find the original IP behind websites that have been protected by CloudFlare, the information generated can be useful for further penetration. The information generated by this tool is as follows.



- CloudFlare IP

- CloudFlare NS1

- CloudFlare NS2

- Real IP

- Hostname

- Organization

- Address (Country, City, Region, Postal Code)

- Location

- Time Zone



## Code Samples



> This tool is made with PHP code with very simple programming using several APIs to get maximum results, but this tool does not guarantee 100% to be able to bypass websites that have been protected by CloudFlare. Some websites sometimes cannot be detected by their original IP.



## API Used In This Tool



- https://crimeflare.zidansec.com

- http://ipinfo.io/2.2.2.2/json



Additional reference tool to see the real IP behind WAF Cloudflare



## OsintSec - Information Gathering Intelligence



> Simple tools for further penetration, this tool is able to visualize network from Domain, IP, Email and more.



- https://osinthreat.herokuapp.com/






## Installation



Before running CrimeFlare make sure you have `php-curl` installed, install it with the command `sudo apt install php-curl` and follow the next installation steps.



```bash

git clone https://github.com/zidansec/CloudPeler.git

```

```bash

cd CloudPeler

```

```bash

./crimeflare.php exemple.com

```



Simple install CrimeFlare on Ubuntu:



```bash

sudo wget https://github.com/zidansec/CloudPeler/raw/master/crimeflare.php -O /bin/crimeflare && sudo chmod +x /bin/crimeflare

```



Run command: `crimeflare` or `crimeflare exemple.com`



### Easy to run



If you want to run crimeflare easily on linux ubuntu, follow the below command. This command will add the `crimeflare.php` file into the `/bin/` directory on your Ubuntu OS.



```bash

cd CloudPeler

```

```bash

sudo cp crimeflare.php /bin/crimeflare

```



To run it now just type command `crimeflare` in your linux terminal






## Reference:



- [https://www.xploit.my.id/2021/07/crimeflare-bypass-tools-cloudflare.html](https://www.xploit.my.id/2021/07/crimeflare-bypass-tools-cloudflare.html)

- [https://zidansec.com/cloudpeler-crimeflare-next-generation/](https://zidansec.com/crimeflare-tools-is-back-again/)