UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site.
It also tries various options like setting cookie, redirection, URL-stability(whether the URL expires or not) an a lot more. Now I am not sure of how this might be used as a WAF-Tester. But I think, all these options & tests you perform resemble a Nmap scan.
You get a lot of information on response codes, redirection, static/dynamic URLs used, XSS protection, server headers etc. From those, you get to know if there is a WAF at all or what the WAF is doing to prevent from scanning their website. One cool thing is the tool gets you the MD5 of the data got from a request to the site. Changes in the hash for different user-agents indicate there are separate pages.
Syntax: uatester –u url –d <agent1> <agent2>
-u / --url Complete URL -f / --file <Path to User Agent file> / If no file is provided, -d options must be present -s / --single provide single user-agent string (may need to be contained within quotes) -d / --default Select the UA String type(s) to check. Select 1 or more of the following ↵ catagories. (M)obile, (D)esktop, mis(C), (T)ools, (B)ots, e(X)treme [!]) -o / --output <Path to output file> CSV formated output (FILE WILL BE OVERWRITTEN[!]) -v / --verbose results (Displays full headers for each check) >> Recommended --debug See debug messages (This isn't the switch you're looking for)
UA-Tester Homepage: https://code.google.com/p/ua-tester/
In this lab, we are gonna check with Desktop & mobile user-agents with google.
Command: ua-tester -u www.google.com -d M D
There we can see the different user agents. For each of these user agents, a redirect is being done. Also, check the details displayed.
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…