CloudBunny : Capture Real IP of Server behind WAF

Published On: November 17, 2018

CloudBunny is a tool to capture the origin server that uses a WAF as a proxy or protection.

This tool we used three search engines to search domain information: Shodan, Censys and Zoomeye. To use the tools you need the API Keys, you can pick up the following links:

  • Shodan – https://account.shodan.io/ 
  • Censys – https://censys.io/account/api
    ZoomEye – https://www.zoomeye.org/profile
NOTE: In Zoomeye you need to enter the login and password, it generates a dynamic api key and I already do this work for you. Just enter your login and password.

After that you need to put the credentials in the api.conf file.

Install the requirements:

$ sudo pip install -r requirements.txt

Usage

After you have loaded the credentials and installed the requirements, execute:

$ python cloudbunny.py -u DOMAINURL

Related Post

SSH-Snake: Automated SSH-Based Network Traversal

Related Post January 14, 2024

teler : Real-time HTTP Intrusion Detection

Related Post December 4, 2022

EmailAll – A powerful Email Collect tool

Related Post November 24, 2022

Leave a Comment