CloudFlair vs CloudMapper
GitHub Stats
About CloudFlair
CloudFlair is a tool for finding origin servers of websites protected by Cloudflare, using Internet-wide scan data from Censys. When a website uses Cloudflare as a reverse proxy, the actual origin server's IP address is hidden. CloudFlair works by searching Censys for IPv4 hosts that present an SSL certificate associated with the target domain, then checks each candidate to see if it responds with the same content as the Cloudflare-protected site. This technique is effective because many administrators configure SSL certificates on their origin servers that match the domain they're protecting, but forget to restrict direct IP access. It's a valuable tool for penetration testers looking to bypass Cloudflare's WAF and DDoS protection.
About CloudMapper
CloudMapper is a tool for visualizing and analyzing Amazon Web Services (AWS) environments. It generates network diagrams, identifying security risks and architectural flaws by mapping out VPCs, subnets, and other resources. The tool aids in understanding complex AWS setups and spotting potential vulnerabilities in the network design. CloudMapper is particularly useful for security audits and compliance checks, offering insights into the cloud infrastructure's security posture.
Platform Support
Tags
CloudFlair only
CloudMapper only