
cloudwaf-recon script

Open freb opened this issue 5 years ago • 0 comments

The basic process for evading cloud WAFs is:

  1. Determine if the host is behind a cloud WAF (Cloudflare (server: cloudflare), Incapsula (x-cdn: Incapsula), Sucuri, Fastly, AWS WAF/V2, etc.). Usually involves reviewing response headers.
  2. Attempt to discover the origin IPs by reviewing the history of IP addresses for the domain, something like: https://viewdns.info/iphistory/?domain=example.com
  3. Submit a request to each identified IP, using the Host header of the original target.
  4. Compare the response from the new IPs to the original response to see if they are similar. If they are, an origin IP address may have been discovered.

freb, Dec 12 '19 19:12
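
Steps 1 and 4 above, written as an offline check a site operator can run over responses captured from their own deployment to confirm the origin only answers traffic that came through the WAF. This is an added example in Python, not code from the issue or from the Nmap project; the function names, the 0.9 similarity threshold and the sample responses are assumptions constructed for illustration.

```python
import difflib
import re

# Fingerprints: only the two header/value pairs named in the issue.
WAF_HEADERS = {"cloudflare": ("server", "cloudflare"),
               "incapsula": ("x-cdn", "incapsula")}

def detect_waf(headers):
    """Step 1: return the WAF whose fingerprint header matches, else None."""
    lowered = {k.lower(): v.lower() for k, v in headers.items()}
    for name, (header, needle) in WAF_HEADERS.items():
        if needle in lowered.get(header, ""):
            return name
    return None

def normalize(body):
    """Strip per-request noise (long hex tokens, whitespace runs)."""
    body = re.sub(r"\b[0-9a-fA-F]{16,}\b", "", body)
    return re.sub(r"\s+", " ", body).strip()

def similarity(a, b):
    """Step 4: ratio in [0, 1] between two normalized response bodies."""
    return difflib.SequenceMatcher(None, normalize(a), normalize(b)).ratio()

def audit_origin(fronted, direct, threshold=0.9):
    """Classify a direct-to-IP response against the WAF-fronted one."""
    if detect_waf(fronted["headers"]) is None:
        return "no-waf-detected"
    if detect_waf(direct["headers"]) is not None:
        return "still-fronted"      # the tested IP is itself a WAF edge
    same_status = direct["status"] == fronted["status"]
    if same_status and similarity(fronted["body"], direct["body"]) >= threshold:
        return "origin-exposed"     # origin serves the site without the WAF
    return "origin-filtered"        # origin refuses or serves something else

# Constructed sample captures (not real traffic).
PAGE = '<html><title>Shop</title><input name="csrf" value="%s"></html>'
FRONTED = {"status": 200, "headers": {"Server": "cloudflare"},
           "body": PAGE % "9f2c4e7a1b3d5f60a1b2c3d4e5f60718"}
DIRECT_OPEN = {"status": 200, "headers": {"Server": "nginx"},
               "body": PAGE % "00112233445566778899aabbccddeeff"}
DIRECT_BLOCKED = {"status": 403, "headers": {"Server": "nginx"},
                  "body": "<html>Forbidden</html>"}

if __name__ == "__main__":
    print(audit_origin(FRONTED, DIRECT_OPEN))     # origin-exposed
    print(audit_origin(FRONTED, DIRECT_BLOCKED))  # origin-filtered
```

An `origin-exposed` result means the origin's firewall is not restricted to the WAF provider's address ranges; `origin-filtered` is the outcome to aim for.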