A powerful CDN exposure & origin intelligence scanner for discovering unprotected web server origins.
Uncover real IP addresses of websites NOT protected by Cloudflare and other CDN providers
VeilStrike is a specialized reconnaissance tool designed to identify and resolve origin IP addresses of websites NOT protected by Cloudflare or other CDN providers. Built for security researchers, penetration testers, and OSINT investigators, it provides fast and reliable origin discovery on unprotected targets with advanced fingerprinting capabilities.
| β¨ Features | π Quick Start | π Usage | π» Examples | βοΈ License |
| Feature | Description |
|---|---|
| π Origin IP Discovery | Uncover real IP addresses of unprotected web servers with precision |
| π‘οΈ CDN Detection | Identify if a site is behind Cloudflare or other protection layers |
| π Dual Protocol Support | Resolve both IPv4 and IPv6 addresses seamlessly |
| π Server Fingerprinting | Extract web server headers and identify technologies in use |
| β‘ Batch Processing | Efficiently process multiple targets from wordlists |
| π JSON Export | Export results in structured JSON for tool integration |
| π Lightweight & Fast | Optimized for speed with minimal dependencies |
| π΅οΈ OSINT Ready | Purpose-built for security research and investigations |
Python 3.7+
requests library
colorama library (for colored output)
SecurityTrails API key (optional)
| Requirement | Purpose |
|---|---|
| Python 3.7+ | Core runtime environment |
| requests | HTTP library for making API calls |
| colorama | Enhanced console output styling |
| SecurityTrails API | (Optional) Enhanced origin detection accuracy |
Clone the repository and install dependencies:
# Clone the repository
git clone https://github.com/xdrew87/VeilStrike.git
cd VeilStrike
# Install required dependencies
pip install -r requirements.txtTo use SecurityTrails API for enhanced origin detection, create/update config.ini:
[API_KEYS]
SECURITYTRAILS_API_KEY = YOUR_API_KEY_HEREπ‘ Get your free API key from SecurityTrails Dashboard
python veilstrike.py example.compython veilstrike.py example.com --jsonpython veilstrike.py targets.txt --json| Flag | Purpose |
|---|---|
--json |
Export results in JSON format |
-o FILE |
Save output to specified file |
-v |
Verbose mode with detailed information |
$ python veilstrike.py google.comOutput:
[+] Target: google.com
[+] Cloudflare: No
[+] Origin IP: 142.251.32.46
[+] Server: gws
[+] Country: US
python veilstrike.py google.com --json > results.jsonpython veilstrike.py targets.txt --json -o batch_results.jsonpython veilstrike.py example.com -vVeilStrike provides clean, color-coded output for easy analysis:
Example Console Output:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β VEILSTRIKE v1.0.0 β
β CDN Exposure & Origin Intelligence Scanner β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
[+] Version : 1.0.0
[+] Author : Galmx
[+] GitHub : https://github.com/xdrew87/VeilStrike
[+] Module : CDN Detection | Origin Resolution
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
[*] Scanning Target: google.com
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Cloudflare Detected : False
β Web Server : gws
β IPv4 Addresses : 142.251.127.101, 142.251.127.139
142.251.127.113, 142.251.127.100
142.251.127.138
β IPv6 Address : 2a00:1450:4001:804::200e
β Country : United States
β ASN : AS15169 (Google LLC)
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
[+] Scan completed successfully!
Contributions are welcome! To contribute:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Submit a Pull Request
- π Bug fixes and improvements
- π Documentation enhancements
- β‘ Performance optimizations
- π§ New detection methods
- π Additional export formats
β οΈ IMPORTANT: This tool is provided for authorized security testing and OSINT research only.
Users are solely responsible for ensuring they have proper authorization before using this tool.
- π Only scan targets you own or have explicit written permission to test
- βοΈ Unauthorized access to computer systems is illegal
- π Always comply with applicable laws and regulations
- πΌ Obtain written authorization before conducting security assessments
- π Respect privacy and data protection laws
This tool is intended for legitimate security research, penetration testing, and OSINT purposes only.
This project stands on the shoulders of giants! π¦Έ
CloakQuest3r by @spyboy-productions
- π Enhanced non-Cloudflare origin discovery algorithms
- π― Improved resolution accuracy and reliability
- π§ Advanced technological fingerprinting capabilities
- β‘ Optimized performance for batch operations
- π Enhanced reporting and export formats
Thank you to all contributors and the security community! π
GNU AFFERO GENERAL PUBLIC LICENSE Version 3
This project is licensed under the AGPL-3.0 License - a strong copyleft license that ensures derivative works remain open source.
See the LICENSE file for complete details.
If you find VeilStrike useful, please consider:
- β Giving it a star on GitHub
- π Reporting issues and bugs
- π‘ Suggesting improvements
- π€ Contributing to the project
Questions? Open an issue or reach out to the community!
Made with β€οΈ by the Security Research Community
Last Updated: February 2026