☁️ Cloudflare
Snatch Bypass for Cloudflare
Overview
It is a reality that in today's Internet world Cloudflare is a cybersecurity company that protects a large part of the Internet.
This is an example of barriers that allow us to perform OSINT research, so we have developed a bypass for sites that use the WAF or any Cloudflare protection.
How do I use it?
Any bypass available in this documentation will be used natively and smart Snatch will use it when it needs it, you don't have to do anything.
Simply if the Snatch standalone agent or you do for example a directory scan, Snatch will take care of bypassing the corresponding WAF whenever we have such a bypass.
How does it work?
Our Cloudflare bypass, when making a request will first detect if the web/fetch is protected by Cloudflare, in negative case it returns the fetch normally, in positive case, it will perform some pre-fetching to solve the Cloudflare challenges, usually around 5 and should not take more than 15 seconds at most, and 5 seconds on average. After that it will perform the requests normally bypassing the Cloudflare WAF security.
Is it legal?
This bypass has been created for research purposes for authorized personnel, that is, it will depend on the authorizations you have from the site you are researching or from Cloudflare or if you are an authority.