spyboy-productions / CloakQuest3r

Uncover the true IP address of websites safeguarded by Cloudflare & Others
https://colab.research.google.com/github/spyboy-productions/CloakQuest3r/blob/main/cloakquest3r.ipynb
MIT License
1.36k stars 180 forks source link

No real IP addresses found for subdomains #1

Closed Drjacky closed 10 months ago

Drjacky commented 10 months ago
╰➤ Total Subdomains Scanned: 781
╰➤ Total Subdomains Found: 0
╰➤ Time taken: 35.18 seconds
No real IP addresses found for subdomains.
thisisshubhamkumar commented 10 months ago

CloakQuest3r combines multiple indicators to uncover real IP addresses behind Cloudflare. While subdomain scanning is a part of the process, we do not assume that all subdomains' A records point to the target host. The tool is designed to provide valuable insights but may not work in every scenario. We welcome any specific suggestions for improvement.

  1. False Negatives: CloakReveal3r may not always accurately identify the real IP address behind Cloudflare, particularly for websites with complex network configurations or strict security measures.

  2. Dynamic Environments: Websites' infrastructure and configurations can change over time. The tool may not capture these changes, potentially leading to outdated information.

  3. Subdomain Variation: While the tool scans subdomains, it doesn't guarantee that all subdomains' A records will point to the primary host. Some subdomains may also be protected by Cloudflare.

Drjacky commented 10 months ago

FYI, I was scanning a subdomain (test.example.com), expecting other subdomains (auth.test.example.com). But when I scanned the main domain (example.com), it worked! Thanks!