UA-tester is a tool to check whether a website provides different pages for different user agents like for mobile, desktop bots etc. Well, this tool also delivers a lot of information. It is basically a python script which runs through various user-agents on a specified site.
It also tries various options like setting cookie, redirection, URL-stability(whether the URL expires or not) an a lot more. Now I am not sure of how this might be used as a WAF-Tester. But I think, all these options & tests you perform resemble a Nmap scan.
You get a lot of information on response codes, redirection, static/dynamic URLs used, XSS protection, server headers etc. From those, you get to know if there is a WAF at all or what the WAF is doing to prevent from scanning their website. One cool thing is the tool gets you the MD5 of the data got from a request to the site. Changes in the hash for different user-agents indicate there are separate pages.
Syntax: uatester –u url –d <agent1> <agent2>
-u / --url Complete URL -f / --file <Path to User Agent file> / If no file is provided, -d options must be present -s / --single provide single user-agent string (may need to be contained within quotes) -d / --default Select the UA String type(s) to check. Select 1 or more of the following ↵ catagories. (M)obile, (D)esktop, mis(C), (T)ools, (B)ots, e(X)treme [!]) -o / --output <Path to output file> CSV formated output (FILE WILL BE OVERWRITTEN[!]) -v / --verbose results (Displays full headers for each check) >> Recommended --debug See debug messages (This isn't the switch you're looking for)
UA-Tester Homepage: https://code.google.com/p/ua-tester/
In this lab, we are gonna check with Desktop & mobile user-agents with google.
Command: ua-tester -u www.google.com -d M D
There we can see the different user agents. For each of these user agents, a redirect is being done. Also, check the details displayed.
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…