IP Ranges Composing
Information exfiltration from cache and web archives
Bypassing the prohibition of displaying source HTML code, bypassing social content lockers
Advanced search engines usage
Anti CloudFlare technics
Images and Metadata
Information about phone numbers
Web Application Vulnerability Scanners
Web Server Vulnerability Scanners
Subdomains and hidden files
Getting Information on MAC Addresses
Web server analysis
Analysis of executable files
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by Cloudflare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases.
Misconfigured DNS scan using DNSDumpster.com.
Scan the Crimeflare.com database.
Bruteforce scan over 2897 subdomains.
You may also like: