Our great sponsors
-
fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Had some fun with this. I used fireprox[0] to grab a ton of AWS IPs, and some proxy vendors for some other random ranges. Sadly my ASN has only /24s in disparate ranges so it wouldn’t make a dent for most of them.
[0] https://github.com/ustayready/fireprox
> possibly exploit the system by sending a XFF header the developer forgot to block (probably just checking socket address so unlikely to work here)
I considered it. Sadly, it has been considered, and XFF is ignored from non-private sources: https://github.com/jart/cosmopolitan/blob/155b378a3962e4d291...
With private addresses defined as: https://github.com/jart/cosmopolitan/blob/7ab15e0b236d085c82...