m0rtem / CloudFail

Utilize misconfigured DNS and old database records to find hidden IPs behind the CloudFlare network
MIT License

Support for other Cloudflare-like services #18

Open hon1nbo opened 7 years ago

hon1nbo commented 7 years ago

Cloudflare is not the only service offering similar technical features (another notable one encountered often is Incapsula).

This is something that would prove useful to a lot of testers. I'm currently evaluating whether I can programmatically determine Incapsula's ranges effectively (since they have an AS, it should be possible). However, I'm not aware of a similar database to crimeflare. Yet it could still be useful to incorporate, thanks to the DNSDumpster API and the common subdomain checks.

Cheers, ~H

m0rtem commented 7 years ago

This is definitely something I have been thinking about. Obviously, CloudFail checks to see if the IP is part of the Cloudflare network and, if not, it fails; there should be a way to do it with similar companies as well. Now I don't know whether to update CloudFail to support general domain DNS enumeration / brute-force or have a separate tool for each service...

Cheers for the research anyhow, this will definitely be thought about.

SageHack commented 6 years ago

I was thinking we should start with CloudFront and Fastly. Also something I had in mind.

dxgldotorg commented 3 years ago

Isn't CloudFront integrated into AWS, so you'd end up with an AWS address anyway?

hon1nbo commented 3 years ago

Man I really let myself go on some F/OSS contributions. I opened this back in 2017?

> Isn't CloudFront integrated into AWS, so you'd end up with an AWS address anyway?

Yes, but you could potentially end up with the Origin IP of the direct EC2 instance or backing service. This would allow evasion of IDS/IPS functionality when routing through the expected path as some tenants do not configure their VPC security properly.
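The two points raised in this thread, checking a resolved IP against more than one edge provider's ranges (hon1nbo and m0rtem above) and telling a CloudFront edge address apart from an EC2 origin inside AWS's own address space (the CloudFront exchange just above), come down to the same lookup. The following is an added example and not CloudFail's own code. The Cloudflare prefixes are a small subset of Cloudflare's published list and the AWS document is a constructed excerpt in the shape of AWS's public `ip-ranges.json`; the Incapsula prefix, the hostnames and the resolved IPs are placeholders made up for the example. A real tool would fetch the current published lists instead of hard-coding them.

```python
"""Classify resolved IPs against CDN/WAF edge ranges to spot origin candidates."""
import ipaddress
import json

# Sample prefixes, constructed for this example. Cloudflare and AWS publish
# their current lists (cloudflare.com/ips, ip-ranges.amazonaws.com); a real
# tool should fetch those instead of hard-coding a subset. The Incapsula
# entry is a placeholder from RFC 5737 TEST-NET-1, not a published range.
EDGE_PREFIXES = {
    "cloudflare": ["173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13"],
    "incapsula": ["192.0.2.0/24"],  # placeholder (assumption)
}

# Constructed excerpt in the shape of AWS ip-ranges.json. AWS lists the same
# prefix under the generic "AMAZON" tag and again under the specific service,
# so a CloudFront edge carries "CLOUDFRONT" while an EC2 address carries "EC2".
AWS_IP_RANGES_JSON = json.dumps({
    "prefixes": [
        {"ip_prefix": "198.51.100.0/24", "region": "GLOBAL", "service": "AMAZON"},
        {"ip_prefix": "198.51.100.0/24", "region": "GLOBAL", "service": "CLOUDFRONT"},
        {"ip_prefix": "203.0.113.0/24", "region": "us-east-1", "service": "AMAZON"},
        {"ip_prefix": "203.0.113.0/24", "region": "us-east-1", "service": "EC2"},
    ]
})


def build_networks(prefixes):
    """Parse CIDR strings once into ip_network objects."""
    return [ipaddress.ip_network(p) for p in prefixes]


def aws_services_for(ip, ip_ranges_doc):
    """Return the set of AWS service tags whose prefixes contain ip."""
    addr = ipaddress.ip_address(ip)
    doc = json.loads(ip_ranges_doc)
    return {
        entry["service"]
        for entry in doc["prefixes"]
        if addr in ipaddress.ip_network(entry["ip_prefix"])
    }


def classify(ip, edge_prefixes=EDGE_PREFIXES, aws_doc=AWS_IP_RANGES_JSON):
    """Return (provider, role).

    role is "edge" when the address belongs to a reverse-proxying CDN/WAF
    (traffic is being fronted) and "origin" otherwise. An AWS address is only
    an edge when the CLOUDFRONT tag is present; a plain EC2/AMAZON address may
    be the backing instance itself.
    """
    addr = ipaddress.ip_address(ip)
    for name, prefixes in edge_prefixes.items():
        if any(addr in net for net in build_networks(prefixes)):
            return name, "edge"
    services = aws_services_for(ip, aws_doc)
    if "CLOUDFRONT" in services:
        return "aws", "edge"
    if services:
        return "aws", "origin"
    return None, "origin"


def origin_candidates(records, **kw):
    """records: iterable of (hostname, ip). Return those not behind an edge."""
    return [(host, ip) for host, ip in records if classify(ip, **kw)[1] == "origin"]


# Constructed sample of what a subdomain sweep or historical DNS lookup might
# return; hostnames and addresses are made up for the example.
SAMPLE_RECORDS = [
    ("www.example.com", "104.16.1.1"),     # Cloudflare edge
    ("cdn.example.com", "198.51.100.7"),   # CloudFront edge
    ("mail.example.com", "203.0.113.10"),  # EC2 only: possible origin
    ("dev.example.com", "192.0.2.5"),      # placeholder Incapsula edge
    ("ftp.example.com", "198.18.0.9"),     # in no known provider range
]

if __name__ == "__main__":
    for host, ip in origin_candidates(SAMPLE_RECORDS):
        print(f"origin candidate: {host} -> {ip} (provider: {classify(ip)[0]})")
```

The `classify` function is where a per-provider plug-in would go: each provider contributes either a flat prefix list or, as with AWS, a tagged document where only some tags mean "edge". Anything that resolves outside every edge range, or inside AWS without the CLOUDFRONT tag, is worth probing directly as a possible origin.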