shodan-waf-bypass v1.0.4

Shodan WAF Bypass

Firewall bypass script based on shodan search results. This script will enumerate IP addresses and check if the server replies for a given host. Returns an array of vulnerable IP addresses. Handy for bugbounty hunters.

Requires a shodan API key and an html snippet to validate the results.

How to protect against this script?

If you are behind a firewall, whitelist connections coming from the firewall and deny all other traffic.

TODO:

• find a good public website this works for
• add tests