WAFW00F – Web Application Firewall Detection Tool – identifies and fingerprints Web Application Firewall (WAF) products.
To do its magic, WAFW00F does the following:
> Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
> If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
> If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
Usage: wafw00f url1 [url2 [url3 ... ]]
example: wafw00f http://www.victim.org/

Options:
  -h, --help               show this help message and exit
  -v, --verbose            enable verbosity - multiple -v options increase verbosity
  -a, --findall            Find all WAFs, do not stop testing on the first one
  -r, --disableredirect    Do not follow redirections given by 3xx responses
  -t TEST, --test=TEST     Test for one specific WAF
  -l, --list               List all WAFs that we are able to detect
  --xmlrpc                 Switch on the XML-RPC interface instead of CUI
  --xmlrpcport=XMLRPCPORT  Specify an alternative port to listen on, default 8001
  -V, --version            Print out the version
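The three-stage decision order described above, sketched offline over already-recorded responses. This is an added example, not WAFW00F's own code: the product names, signatures, sample responses and the two stage-3 heuristics (status change, Server header change) are assumptions made for illustration.

```python
import re

# Constructed fingerprints for two hypothetical products (not WAFW00F's signatures).
SIGNATURES = {
    "ExampleWAF-A": ("server", re.compile(r"examplewaf-a", re.I)),
    "ExampleWAF-B": ("set-cookie", re.compile(r"^exwafb_session=", re.I)),
}

def _headers(resp):
    # HTTP header names are case-insensitive, so normalise before matching.
    return {k.lower(): v for k, v in resp["headers"].items()}

def match_signatures(resp):
    """Names of products whose fingerprint appears in a single response."""
    h = _headers(resp)
    return [name for name, (hdr, rx) in SIGNATURES.items() if rx.search(h.get(hdr, ""))]

def generic_detect(normal, probes):
    """Stage 3: list the ways the follow-up responses deviate from the baseline."""
    reasons = []
    base = _headers(normal)
    for p in probes:
        if p["status"] != normal["status"]:
            reasons.append(f"status {normal['status']} -> {p['status']}")
        if _headers(p).get("server") != base.get("server"):
            reasons.append("Server header changed")
    return reasons

def classify(normal, probes):
    hits = match_signatures(normal)              # stage 1: the normal response
    if hits:
        return ("identified", hits)
    for p in probes:                             # stage 2: the follow-up responses
        hits = match_signatures(p)
        if hits:
            return ("identified", hits)
    reasons = generic_detect(normal, probes)     # stage 3: generic guess
    return ("generic", reasons) if reasons else ("none", [])

# Constructed sample responses (status code plus headers only).
PLAIN = {"status": 200, "headers": {"Server": "nginx"}}
BRANDED = {"status": 200, "headers": {"Server": "ExampleWAF-A/2.1"}}
COOKIE_BLOCK = {"status": 403, "headers": {"Server": "nginx", "Set-Cookie": "exwafb_session=abc; Path=/"}}
ANON_BLOCK = {"status": 403, "headers": {}}

if __name__ == "__main__":
    for normal, probes in [(BRANDED, []), (PLAIN, [COOKIE_BLOCK]), (PLAIN, [ANON_BLOCK]), (PLAIN, [PLAIN])]:
        print(classify(normal, probes))
```

Run against responses captured from your own deployment, the same comparison shows which headers, cookies or block-page differences make the WAF identifiable.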