assetnote/nowafpls

Awvs or other web vuln scanner integration/standalone proxy/ cloudmitm)

hastalamuerte opened this issue · 0 comments

Hello, thanks for your project. Can you tell plz, is it possible to made some kind of standalone proxy server which will capture, and modify requests by inject junk data on em to bypass cloud protection when you use some automated scanners like Acunetix, Appspider, HCl appscan. (There is options to set proxy for individual or bulk scans )
if we take as example Awvs (acunetix) it produce a lot of chromium instances wich are using for send payloads.

There is
https://github.com/FlareSolverr/FlareSolverr
https://github.com/rawandahmad698/pyCFSolver
...
But em not work as expected.
Also sometimes help to use a headers with X-Forwarded-For: 127.0.0.11 address. But it now work always.
like
Access-Control-Allow-Origin: 127.0.0.1 Client-IP: 127.0.0.2 Forwarded: 127.0.0.3 Forwarded-For: 127.0.0.4 Forwarded-For-IP: 127.0.0.5 Origin: 127.0.0.6 X-Client-IP: 127.0.0.7 X-Custom-IP-Authorization: 127.0.0.8 X-Forwarded: 127.0.0.9 X-Forwarded-By: 127.0.0.10 X-Forwarded-For: 127.0.0.11 X-Forwarded-For-Original: 127.0.0.12 X-Forwarded-Host: 127.0.0.13 X-Forwarder-For: 127.0.0.14 X-Originating-IP: 127.0.0.15 X-Remote-Addr: 127.0.0.16 X-Remote-IP: 127.0.0.17 CF-Connecting-Ip: 127.0.0.18 X-Real-IP: 127.0.0.19 True-Client-IP: 127.0.0.20