Categories: Kali Linux

WAFw00f : Identify & Fingerprint Web Application Firewall (WAF) Products Protecting A Website

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products. To do its magic, WAFW00F does the following:

  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.

You can also check whether Is this website Safe by using various methods.

Also Read – Pe-Sieve : Recognizes & Dumps A Variety Of Potentially Malicious Implants

It detects a number of WAFs. To view which WAFs it is able to detect run WAFW00F with the -l option. At the time of writing the output is as follows:

$ wafw00f -l

WAFW00F – Web Application Firewall Detection Tool

Can test for these WAFs:
BlockDoS (BlockDoS)
Armor Defense (Armor)
ACE XML Gateway (Cisco)
Malcare (Inactiv)
RSFirewall (RSJoomla!)
PerimeterX (PerimeterX)
Varnish (OWASP)
Barracuda Application Firewall (Barracuda Networks)
Anquanbao (Anquanbao)
NetContinuum (Barracuda Networks)
HyperGuard (Art of Defense)
Incapsula (Imperva Inc.)
Safedog (SafeDog)
NevisProxy (AdNovum)
SEnginx (Neusoft)
BitNinja (BitNinja)
Janusec Application Gateway (Janusec)
NinjaFirewall (NinTechNet)
Edgecast (Verizon Digital Media)
Alert Logic (Alert Logic)
Cloudflare (Cloudflare Inc.)
SecureSphere (Imperva Inc.)
Bekchy (Faydata Technologies Inc.)
Kona Site Defender (Akamai)
Wallarm (Wallarm Inc.)
Cloudfront (Amazon)
aeSecure (aeSecure)
eEye SecureIIS (BeyondTrust)
VirusDie (VirusDie LLC)
DOSarrest (DOSarrest Internet Security)
SiteGround (SiteGround)
Chuang Yu Shield (Yunaq)
Yunsuo (Yunsuo)
NAXSI (NBS Systems)
UTM Web Protection (Sophos)
Approach (Approach)
NetScaler AppFirewall (Citrix Systems)
DynamicWeb Injection Check (DynamicWeb)
Xuanwudun
WebTotem (WebTotem)
Comodo (Comodo CyberSecurity Solutions)
WTS-WAF (WTS)
PowerCDN (PowerCDN)
BIG-IP Access Policy Manager (F5 Networks)
BinarySec (BinarySec)
Greywizard (Grey Wizard)
Shield Security (One Dollar Plugin)
ASP.NET Generic Protection (Microsoft)
CacheWall (Varnish)
Expression Engine (EllisLab)
Airlock (Phion/Ergon)
WatchGuard (WatchGuard Technologies)
WP Cerber Security (Cerber Tech)
Yunjiasu (Baidu Cloud Computing)
DenyALL (Rohde & Schwarz CyberSecurity)
AnYu (AnYu Technologies)
Secure Entry (United Security Providers)
ISA Server (Microsoft)
Yundun (Yundun)
FirePass (F5 Networks)
GoDaddy Website Protection (GoDaddy)
Imunify360 (CloudLinux)
Safe3 Web Firewall (Safe3)
WebSEAL (IBM)
NSFocus (NSFocus Global Inc.)
360WangZhanBao (360 Technologies)
Squarespace (Squarespace)
Imperva SecureSphere
Bluedon (Bluedon IST)
AliYunDun (Alibaba Cloud Computing)
Wordfence (Feedjit)
Palo Alto Next Gen Firewall (Palo Alto Networks)
Tencent Cloud Firewall (Tencent Technologies)
West263CDN
WebARX (WebARX Security Solutions)
Mission Control Application Shield (Mission Control)
BIG-IP Local Traffic Manager (F5 Networks)
Sitelock (TrueShield)
ZScaler (Accenture)
CrawlProtect (Jean-Denis Brun)
Teros (Citrix Systems)
AWS Elastic Load Balancer (Amazon)
Cloudbric (Penta Security)
StackPath (StackPath)
URLScan (Microsoft)
Sucuri (Sucuri Inc.)
TransIP Web Firewall (TransIP)
OnMessage Shield (BlackBaud)
Distil (Distil Networks)
Profense (ArmorLogic)
ModSecurity (SpiderLabs)
FortiWeb (Fortinet)
XLabs Security WAF (XLabs)
ASP.NET RequestValidationMode (Microsoft)
Jiasule (Jiasule)
ChinaCache CDN Load Balancer (ChinaCache)
URLMaster SecurityCheck (iFinity/DotNetNuke)
Reblaze (Reblaze)
Newdefend (NewDefend)
Trafficshield (F5 Networks)
KS-WAF (KnownSec)
SiteGuard (Sakura Inc.)
CdnNS Application Gateway (CdnNs/WdidcNet)
DataPower (IBM)
WebKnight (AQTRONIX)
BIG-IP Application Security Manager (F5 Networks)
Barikode (Ethic Ninja)
Zenedge (Zenedge)
SonicWall (Dell)
DotDefender (Applicure Technologies)
USP Secure Entry Server
AppWall (Radware)

How do I use it?

For help please make use of the –help option. The basic usage is to pass it a URL as an argument. Example:

$ wafw00f https://example.org

WAFW00F – Web Application Firewall Detection Tool

Checking https://example.org
The site https://example.org is behind Edgecast (Verizon Digital Media) WAF.
Number of requests: 1

How do I install it?

The following should do the trick:

python setup.py install

Download
R K

Share
Published by
R K
Tags: IdentifywafWAFw00fweb application firewall
6 years ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

19 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

20 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

3 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago