CrimeFlare tools is back again!

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.


This tool serves to find the original IP behind websites that have been protected by CloudFlare, the information generated can be useful for further penetration. The information generated by this tool is as follows.

  • CloudFlare IP
  • CloudFlare NS1
  • CloudFlare NS2
  • Real IP
  • Hostname
  • Organization
  • Address (Country, City, Region, Postal Code)
  • Location
  • Time Zone

Code Samples

This tool is made with PHP code with very simple programming using several APIs to get maximum results, but this tool does not guarantee 100% to be able to bypass websites that have been protected by CloudFlare. Some websites sometimes cannot be detected by their original IP.

API Used In This Tool


Before running CrimeFlare make sure you have php-curl installed, install it with the command sudo apt install php-curl and follow the next installation steps.

git clone
cd CloudPeler

Simple install CrimeFlare on Ubuntu:

sudo wget -O /bin/crimeflare && sudo chmod +x /bin/crimeflare

Run command: crimeflare or crimeflare

Easy to run

If you want to run crimeflare easily on linux ubuntu, follow the below command. This command will add the crimeflare.php file into the /bin/ directory on your Ubuntu OS.

cd CloudPeler
sudo cp crimeflare.php /bin/crimeflare

To run it now just type command crimeflare in your linux terminal

Github: zidansec