Closed 0xspade closed 4 years ago
DatDraggy
commented
5 years ago I don't see the purpose of adding censys. Censys can't magically get past cloudflare and and most data is most likely outdated. It works similar to crimeflare, which is already integrated.
0xspade
commented
5 years ago Hi,
best example here is the roogar.de that someone is trying to use cloudfail to reveal its real IP however, cloudfail cannot bypass it BUT if you go here at https://censys.io/ipv4?q=www.roogar.de you can see the roogar.de's real IP. :)
DatDraggy
commented
5 years ago It's too unreliable imo.
Look at https://censys.io/ipv4?q=kieran.de
All of the IPs that are supposedly serving the website are incorrect. A simple dig kieran.de reveals the current real IP, because the @ record is not hidden behind cloudflare. Censys failed to find it.
Additionally, users of cloudfail would need to sign up at Censys to use the API.
0xspade
commented
5 years ago Well, in my own opinion and just to give an idea. maybe censys option will do. It's still a discretion if you will feed the idea though.
m0rtem
commented
4 years ago In the future ideally I would like to build a more universal WAP bypasser, and one which uses more concrete methods of reconning the servers historic data. But for now I think I will leave CloudFail quite basic, as others seem to adapt it to their own needs.
Censys can find real IP behind cloudflare network. Additional, you can study their module in python3 :)
Looking forward in this tool.