Exclude WAF

README.md

@@ -111,7 +111,7 @@ PROBES:
    -ip                   display host ip
    -cname                display host cname
    -asn                  display host asn information
-   -cdn                  display cdn in use
+   -cdn                  display cdn/waf in use
    -probe                display probe status
 
 HEADLESS:
@@ -222,7 +222,7 @@ OPTIMIZATIONS:
    -nf, -no-fallback                  display both probed protocol (HTTPS and HTTP)
    -nfs, -no-fallback-scheme          probe with protocol scheme specified in input 
    -maxhr, -max-host-error int        max error count per host before skipping remaining path/s (default 30)
-   -ec, -exclude-cdn                  skip full port scans for CDNs (only checks for 80,443)
+   -ec, -exclude-cdn                  skip full port scans for CDN/WAF (only checks for 80,443)
    -retries int                       number of retries
    -timeout int                       timeout in seconds (default 5)
    -delay duration                    duration between each http request (eg: 200ms, 1s) (default -1ns)

common/httpx/cdn.go

@@ -5,11 +5,17 @@ import (
 	"net"
 )
 
-// CdnCheck verifies if the given ip is part of Cdn ranges
+// CdnCheck verifies if the given ip is part of Cdn/WAF ranges
 func (h *HTTPX) CdnCheck(ip string) (bool, string, error) {
 	if h.cdn == nil {
 		return false, "", fmt.Errorf("cdn client not configured")
 	}
 
-	return h.cdn.CheckCDN(net.ParseIP((ip)))
+	// the goal is to check if ip is part of cdn/waf to decide if target should be scanned or not
+	// since 'cloud' itemtype does not fit logic here , we consider target is not part of cdn/waf
+	matched, value, itemType, err := h.cdn.Check(net.ParseIP((ip)))
+	if itemType == "cloud" {
+		return false, "", err
+	}
+	return matched, value, err
 }