Subscribe to our Newsletter

Receive our news and insights

Blog / Technology  

A quick guide to the CloudFail tool

A Picture of Danilo Vezzoni
August 16, 2018 | Topic: Technology  
A quick guide to the CloudFail tool

We often come across sites or servers protected with CloudFlare, but to carry out a good penetration test it is almost mandatory to know the actual IP of the site.

CloudFail is a tool that is helps to unmask CloudFlare by providing the actual IP of the server. Basically, it uses the following three methods to obtain the information:

  • Check in
  • Check in
  • Perform a brute force with more than 2500 subdomains in its database

With these three methods, in 99% of cases it gets the actual IP of the server.

How to quickly install it

1. We install pip3 for python 3

<strong>sudo apt-get install</strong> python3-pip

2. We download the script from the repository and unzip it into a folder

3. We install the requirements:

pip3 install -r requirements.txt


python3 --target

It can be anonymized using tor by executing the following:

service tor start
python3 --target --tor


  • argparse
  • colorama
  • socket
  • binascii
  • datetime
  • requests
  • win_inet_pton



A quick guide to the CloudFail tool

Service Design: Providing meaningful end-to-end experiences

Related Services


Software Product Development  

How to easily integrate AngularJS with Visual Studio 2015


November 19 / 2014

1 Stars2 Stars3 Stars4 Stars5 Stars

In light of some of the major changes occurring at the moment within Microsoft, the forthcoming release of Visual Studio 2015, along with .NET 2015, promises to be particularly...

Read post