module
Cloud Lookup (and Bypass)
| Disclosed | Created |
|---|---|
| N/A | 2020-05-09 |
Disclosed
N/A
Created
2020-05-09
Description
This module can be useful if you need to test the security of your server and your
website behind a solution Cloud based. By discovering the origin IP address of the
targeted host.
More precisely, this module uses multiple data sources (in order ViewDNS.info, DNS enumeration
and Censys) to collect assigned (or have been assigned) IP addresses from the targeted site or domain
that uses the following:
* Cloudflare, Amazon CloudFront, ArvanCloud, Envoy Proxy, Fastly, Stackpath Fireblade,
Stackpath MaxCDN, Imperva Incapsula, InGen Security (BinarySec EasyWAF), KeyCDN, Microsoft AzureCDN,
Netlify and Sucuri.
website behind a solution Cloud based. By discovering the origin IP address of the
targeted host.
More precisely, this module uses multiple data sources (in order ViewDNS.info, DNS enumeration
and Censys) to collect assigned (or have been assigned) IP addresses from the targeted site or domain
that uses the following:
* Cloudflare, Amazon CloudFront, ArvanCloud, Envoy Proxy, Fastly, Stackpath Fireblade,
Stackpath MaxCDN, Imperva Incapsula, InGen Security (BinarySec EasyWAF), KeyCDN, Microsoft AzureCDN,
Netlify and Sucuri.
Authors
mekhalleh (RAMELLA Sébastien)
Yvain
Yvain
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.