CloudFail – Information Gathering to Discover Identity of the Server Behind Cloudflare


CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by Cloudflare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases.

  1. Misconfigured DNS scan using
  2. Scan the database.
  3. Bruteforce scan over 2500 subdomains.

Install on Kali/Debian

First we need to install pip3 for python3 dependencies:

$ sudo apt-get install python3-pip

Then we can run through dependency checks:

$ pip3 install -r requirements.txt

If this fails because of missing setuptools, do this:

sudo apt-get install python3-setuptools


To run a scan against a target:

python3 --target

To run a scan against a target using Tor:

service tor start

(or if you are using Windows or Mac install vidalia or just run the Tor browser)

python3 --target --tor

Please make sure you are running with Python3 and not Python2.*.



  • argparse
  • colorama
  • socket
  • binascii
  • datetime
  • requests
  • win_inet_pton
  • dnspython


Please follow and like us:

Leave a Reply

Your email address will not be published. Required fields are marked *