wafw00f v2.2 released: identifies and fingerprints Web Application Firewall (WAF) products
WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.
How does it work?
To do its magic, WAFW00F does the following:
- Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions
- If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is
- If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks
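The three-stage decision above, sketched over already-captured responses. This is an added example, not WAFW00F's own code: the product names, signatures and sample responses are constructed, and the stage-3 comparisons (status code and Server header against the baseline) are assumptions.

```python
# Added illustration, not WAFW00F's code. Signatures, product names and
# responses are constructed; the stage-3 heuristics are assumptions.
from dataclasses import dataclass, field

@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""

def _lower(headers):
    return {k.lower(): v for k, v in headers.items()}

# Hypothetical signatures: product name -> predicate over a single response.
SIGNATURES = {
    "ExampleShield": lambda r: "x-exampleshield-id" in _lower(r.headers),
    "DemoGuard": lambda r: r.status == 403 and "blocked by demoguard" in r.body.lower(),
}

def match_signatures(responses):
    return sorted({n for n, sig in SIGNATURES.items() for r in responses if sig(r)})

def generic_signs(normal, probes):
    """Stage 3: nothing matched by name; compare probe responses to the baseline."""
    reasons, base_server = [], _lower(normal.headers).get("server")
    for p in probes:
        if p.status != normal.status:
            reasons.append(f"status changed {normal.status} -> {p.status}")
        if _lower(p.headers).get("server") != base_server:
            reasons.append("Server header changed")
    return reasons

def classify(normal, probes):
    hits = match_signatures([normal])        # stage 1: normal request only
    if hits:
        return ("identified-passively", hits)
    hits = match_signatures(probes)          # stage 2: responses to suspicious requests
    if hits:
        return ("identified-after-probes", hits)
    reasons = generic_signs(normal, probes)  # stage 3: generic behavioural guess
    return ("generic-waf-suspected", reasons) if reasons else ("none-detected", [])

# Constructed sample responses (not real captures).
BASELINE = Response(200, {"Server": "nginx"}, "<html>home</html>")
TAGGED = Response(200, {"Server": "nginx", "X-ExampleShield-Id": "abc123"})
BLOCKED = Response(403, {"Server": "nginx"}, "Request blocked by DemoGuard")
SILENT = Response(406, {"Server": "gateway"}, "")

if __name__ == "__main__":
    for normal, probes in [(TAGGED, []), (BASELINE, [BLOCKED]), (BASELINE, [SILENT])]:
        print(classify(normal, probes))
```

A stage-1 result means the product is identifiable from ordinary traffic alone, which is the case an operator can address by removing vendor-specific headers at the edge.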
What does it detect?
It detects a number of WAFs. To view which WAFs it is able to detect, run WAFW00F with the -l option. At the time of writing the output is as follows:
- New features such as Docker support and output format fixes.
- Several bug fixes and stability improvements to the existing code.
- A few new WAF detections.
git clone https://github.com/EnableSecurity/wafw00f.git
cd wafw00f
python setup.py install

or

pip install wafw00f
Copyright (c) 2019, Sandro Gauci, Enable Security GmbH and Wendel G. Henrique – Trustwave 2009
All rights reserved.