CloudBunny - A Tool To Capture The Real IP Of The Server That Uses A WAF As A Proxy Or Protection


CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection.

How it works
In this tool we used three search engines to search domain information: Shodan, Censys and ZoomEye. To use the tool you need the API keys, which you can get at the following links:
Shodan - https://account.shodan.io/
Censys - https://censys.io/account/api
ZoomEye - https://www.zoomeye.org/profile
NOTE: In ZoomEye you need to enter the login and password; it generates a dynamic API key and I already do this work for you. Just enter your login and password.
After that you need to put the credentials in the api.conf file.
Install the requirements:
$ sudo pip install -r requirements.txt

Usage
By default the tool searches on all search engines (you can set this up with arguments), but you need to put the credentials in place as stated above. After you have loaded the credentials and installed the requirements, execute:
$ python cloudbunny.py -u securityattack.com.br
Check our help area:
$ python cloudbunny.py -h
Change securityattack.com.br for the domain of your choice.

Example
$ python cloudbunny.py -u site_example.com.br

[ASCII-art bunny banner]

CloudBunny - Bypass WAF with Search Engines
Author: Eddy Oliveira (@Warflop)
https://github.com/Warflop

[+] Looking for target on Shodan...
[+] Looking for target on Censys...
[+] Looking for certificates on Censys...
[+] Looking for target on ZoomEye...
[-] Just more some seconds...

+---------------+------------+-----------+----------------------------+
|   IP Address  |    ISP     |   Ports   |        Last Update         |
+---------------+------------+-----------+----------------------------+
|  55.14.232.4  | Amazon.com | [80, 443] | 2018-11-02T16:02:51.074543 |
| 54.222.146.40 | Amazon.com |    [80]   | 2018-11-02T10:16:38.166829 |
| 18.235.52.237 | Amazon.com | [443, 80] | 2018-11-08T01:22:11.323980 |
| 54.237.93.127 | Amazon.com | [443, 80] | 2018-11-05T15:54:40.248599 |
| 53.222.94.157 | Amazon.com | [443, 80] | 2018-11-06T08:46:03.377082 |
+---------------+------------+-----------+----------------------------+

We may have some false positives :)
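
Because the result table may contain false positives, an audit of your own domain needs a triage step. The following is an added example, not part of CloudBunny: it parses a table in the format shown above and keeps only recently seen addresses that fall outside the ranges your WAF connects from. The names parse_table, exposed_candidates and WAF_RANGES, and the CIDR value, are assumptions made for the illustration.

```python
import ipaddress
import re
from datetime import datetime

# Sample rows copied from the Example above, embedded so this runs offline.
SAMPLE_OUTPUT = """\
+---------------+------------+-----------+----------------------------+
|   IP Address  |    ISP     |   Ports   |        Last Update         |
+---------------+------------+-----------+----------------------------+
|  55.14.232.4  | Amazon.com | [80, 443] | 2018-11-02T16:02:51.074543 |
| 54.222.146.40 | Amazon.com |    [80]   | 2018-11-02T10:16:38.166829 |
| 18.235.52.237 | Amazon.com | [443, 80] | 2018-11-08T01:22:11.323980 |
+---------------+------------+-----------+----------------------------+
"""

# Assumption: ranges your WAF connects from (constructed value; use the
# list published by your provider).
WAF_RANGES = [ipaddress.ip_network("18.235.0.0/16")]

ROW = re.compile(r"^\|\s*(\S+)\s*\|\s*(.*?)\s*\|\s*\[(.*?)\]\s*\|\s*(\S+)\s*\|$")


def parse_table(text):
    """Return one dict per data row; borders, header and bad rows are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
            seen = datetime.fromisoformat(m.group(4))
            ports = sorted(int(p) for p in m.group(3).split(",") if p.strip())
        except ValueError:
            continue
        rows.append({"ip": ip, "isp": m.group(2), "ports": ports, "last_update": seen})
    return rows


def exposed_candidates(rows, waf_ranges, not_before):
    """Rows outside the WAF ranges and seen since not_before, newest first."""
    hits = [r for r in rows
            if r["last_update"] >= not_before
            and not any(r["ip"] in net for net in waf_ranges)]
    return sorted(hits, key=lambda r: r["last_update"], reverse=True)


if __name__ == "__main__":
    for r in exposed_candidates(parse_table(SAMPLE_OUTPUT), WAF_RANGES, datetime(2018, 11, 2, 12)):
        print(r["ip"], r["ports"], r["last_update"].isoformat())
```

Any address this leaves over is a candidate to verify on your side; an origin that only accepts connections from the WAF ranges does not answer direct requests even when its address is indexed.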