top of page

A Fancy Way To Bypass Cloud WAFs: Resolving The Host Behind A Reverse Proxy

Ever wondered what's behind a proxy? Now you too can know the origin host behind a reverse proxy! This tool will allow you to dig up a list of domains serving as intermediary hosts between you and the site/service which is being proxied. This can be useful if you want to bypass WAFs, discover interesting things on shared hosting providers, or bypasses reverse proxies, among many other things.

How does this tool work?

This tool will first make an HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide via HTTP (80) and HTTPS (443), with the Host header set to the original host. Each HTTP response is then compared to the original using the Levenshtein algorithm to determine similarity. If the response is similar, it will be deemed a match.

How to install the tool?

For installing the tool use go and type this command

You can use this tool with the following command:

and see how you can use it as per your requirement

I hope you enjoy this one and I see you next time ;)

Take care and happy hacking!

99 views0 comments
bottom of page