CloudFlair vs CloudFox
GitHub Stats
About CloudFlair
CloudFlair is a tool for finding origin servers of websites protected by Cloudflare, using Internet-wide scan data from Censys. When a website uses Cloudflare as a reverse proxy, the actual origin server's IP address is hidden. CloudFlair works by searching Censys for IPv4 hosts that present an SSL certificate associated with the target domain, then checks each candidate to see if it responds with the same content as the Cloudflare-protected site. This technique is effective because many administrators configure SSL certificates on their origin servers that match the domain they're protecting, but forget to restrict direct IP access. It's a valuable tool for penetration testers looking to bypass Cloudflare's WAF and DDoS protection.
About CloudFox
CloudFox is a tool for identifying exploitable attack paths within cloud infrastructures. It enumerates IAM permissions, secrets, and network exposure to uncover potential vulnerabilities in AWS and Azure environments. Written in Go, CloudFox helps security professionals assess the security posture of cloud deployments by revealing misconfigurations and access control weaknesses. The tool is essential for cloud security audits and penetration testing.
Platform Support
Tags
CloudFlair only
CloudFox only