Skip to main content

BehindFlare, discover websites real IP behind CloudFlare

By 22 April, 2020March 6th, 2021No Comments
finding ip behind cloudflare pentesting



This tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF.



Most of CloudFlare users believe, that just setting up the reverse proxy which ensures security protection, will secure their back-end servers. This group of users are not aware that the attacker can find access to the back-end servers if he finds their IP addresses. There are plenty of passive and active techniques that can lead you to get the IP address of the Web App server.


To protect your servers against this kind of attack,

Contact us at Gonkar IT Security LTD


Contact Us


./behindflare -h
Usage of ./behindflare:
  -domain string
    	Domain target (default "")
  -jobs int
    	Number of parallel jobs (default 20)
  -proto string
    	The protocol used by the site behind CF (default "http")
  -subnet string
    	Subnet to scan (default "")


This tool had been developed for research and educational purpose. Its usage for illegal actions is against the creator will.

If you want to keep track of our latest Security Tools, just use the form below and we will keep you post

    Alejandro Betancor

    Author Alejandro Betancor

    More posts by Alejandro Betancor

    Leave a Reply