This tool helps you to find the server real IP address protected behind services like Cloudflare, Akamai, and other WAF/CDN services.
Giving a hostname (ex: site.com), a website html match (ex: "welcome to site.com") and a list of IPv4 addresses or ranges, this tool will send HTTP/S requests to all IPv4 addresses checking if any of them responds with the match.
There are many ways to find possible IPv4 ranges where the real server IP address might be hosted:
- Search target company IPv4 ranges/addresses in online services.
- Shodan, Censys...
- Get ranges of the IPv4 addresses exposed in subdomains.
- Get ranges of IPv4 addresses exposed in email raw data.
- Try to get more IPv4 addresses in DNS history.
positional arguments:
hostname Ex: site.com
match Ex: "welcome to site.com"
optional arguments:
-h, --help show this help message and exit
-u URI, --uri URI Ex: /en/index.aspx
-t THREADS, --threads THREADS
-T TIMEOUT, --timeout TIMEOUT
-v, --verbose Verbose mode
python FindIP.py "site.com" "Welcome to site.com"Note: Ensure you have range.txt file in the directory with the IP ranges you want to scan.
Made by AnarchistManifesto