CloudFlare provides high security for the target website to hide their real server IP address. Make it harder for the hacker to attack the website real server. But it doesn't mean it is impossible. Let's find it out on one website - https://www.g2.com - use CloudFlare to hide it IP address.

1. Find DNS history records

I use SecurityTrails to find the domain DNS history.

Getting Started

Capture all HTTP(S) traffic between your computer and the Internet with Fiddler HTTP(S) proxy. Inspect traffic, set breakpoints, and fiddle with requests & responses.

Download

On my laptop, I use the linux version. You can download here

wget -O fiddler.AppImage https://downloads.getfiddler.com/linux/fiddler-everywhere-1.4.1.AppImage
chmod u+x fiddler.AppImage 
./fiddler.AppImage

Configuration

This is the main view of the tool

1. To enable capture HTTPS View -> Preferences -> HTTPS. Click Export root certificate to Desktop, then enable Capture HTTPS traffic + Ignore server certificate error (unsafe). Click Save.

2. Open any browser, go to the Certificate Preferences, Import the FiddlerRootCertificate.crt on the Desktop and enable Trust this certificate.

3. Config Browser proxy to Fiddler localhost:8866

Experiement

Now open any Web Browser with any url. You will see all the network requests sent out using HTTP(s)

What is Pub/Sub?

Pub/Sub is an asynchronous messaging service that decouples services that produce events from services that process events. You can use Pub/Sub as messaging-oriented middleware or event ingestion and delivery for streaming analytics pipelines. Pub/Sub offers durable message storage and real-time message delivery with high availability and consistent performance at scale. Pub/Sub servers run in all Google Cloud regions around the world.

Core concepts

• Topic: A named resource to which messages are sent by publishers.
• Subscription: A named resource representing the stream of messages from a single, specific topic, to be delivered to the subscribing application.
• Message: The combination of data and (optional) attributes that a publisher sends to a topic and is eventually delivered to subscribers.
• Message attribute: A key-value pair that a publisher can define for a message. For example, key iana.org/language_tag and value en could be added to messages to mark them as readable by an English-speaking subscriber.

Celery is a task queue with batteries included. It’s easy to use so that you can get started without learning the full complexities of the problem it solves. It’s designed around best practices so that your product can scale and integrate with other languages, and it comes with the tools and support you need to run such a system in production.

pip install celery

Choosing a Broker

Celery requires a solution to send and receive messages; usually this comes in the form of a separate service called a message broker. In this example, I use RabbitMQ on docker for the most simple experiment.

docker run -d -p 5672:5672 rabbitmq

Getting started

SQLAlchemy is most famous for its object-relational mapper (ORM), an optional component that provides the data mapper pattern, where classes can be mapped to the database in open ended, multiple ways - allowing the object model and database schema to develop in a cleanly decoupled way from the beginning.

pip install SQLAlchemy