Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

AWS Cloudfront service detection

By kannthu

Informative
Vidoc logoVidoc Module
#aws#tech#service
Description

What is the "AWS Cloudfront service detection?"

The "AWS Cloudfront service detection" module is designed to detect websites that are using the AWS CloudFront service. CloudFront is a content delivery network (CDN) provided by Amazon Web Services (AWS) that helps deliver content to users with low latency and high transfer speeds. This module focuses on identifying websites that have implemented CloudFront as part of their infrastructure.

This module is categorized as informative, meaning it provides valuable information about the target website's usage of CloudFront but does not indicate any specific misconfigurations or vulnerabilities.

This module was authored by jiheon-dev.

Impact

The impact of this module is purely informative and does not directly indicate any security risks or vulnerabilities. It simply provides insight into whether a website is utilizing the AWS CloudFront service.

How does the module work?

The "AWS Cloudfront service detection" module works by analyzing the HTTP response headers of the target website. It checks for specific header values that indicate the presence of CloudFront. The following matching conditions are used:

contains(toLower(all_headers), `x-cache: hit from cloudfront`)
contains(toLower(all_headers), `x-cache: refreshhit from cloudfront`)
contains(toLower(all_headers), `x-cache: miss from cloudfront`)
contains(toLower(all_headers), `x-cache: error from cloudfront`)

If any of these conditions are met, the module considers the website to be using the AWS CloudFront service.

While the module does not send any HTTP requests itself, it analyzes the responses received during the scanning process to determine the presence of CloudFront.

Here is an example of an HTTP response header that would match the CloudFront detection conditions:

x-cache: hit from CloudFront
content-type: text/html; charset=utf-8
content-length: 1234
...

By detecting the usage of CloudFront, this module provides valuable information about the target website's infrastructure and content delivery setup.

Module preview

Concurrent Requests (0)
Passive global matcher
dsl: contains(toLower(all_headers), `x-cache:...
On match action
Report vulnerability