Abusing Cloudflare Workers

This repository contains companion code for the blog post MITM at the Edge: Abusing Cloudflare Workers.

  • malicious-worker/ contains sample code of a malicious Cloudflare Worker that can be used to exfiltrate data transparently on every request

  • audit-logs/ contains sample Cloudflare control plane audit logs that enables to detect the creation of new workers and associations to routes or DNS entries.


View Github