WAFW00F Web Application Firewall Detection Tool

WAFW00F is a tool that you can use to identify and fingerprint Web Application Firewall (WAF) products. To do its magic, WAFW00F does the following:

  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
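
From the defender's side, the sequence above (one normal request, then a quick burst of requests that get rejected) shows up in access logs. The Python below is an added example, not WAFW00F code or anything from the project: the log format, the block status codes, the 30-second window and the threshold of three are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access-log lines (not real traffic). The client addresses
# come from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
SAMPLE_LOG = """\
203.0.113.7 [10/Mar/2024:12:00:01 +0000] "GET / HTTP/1.1" 200
203.0.113.7 [10/Mar/2024:12:00:02 +0000] "GET /?a=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 403
203.0.113.7 [10/Mar/2024:12:00:02 +0000] "GET /?b=../../etc/passwd HTTP/1.1" 403
203.0.113.7 [10/Mar/2024:12:00:03 +0000] "GET /?c=1%20UNION%20SELECT%201 HTTP/1.1" 403
198.51.100.9 [10/Mar/2024:12:00:05 +0000] "GET / HTTP/1.1" 200
198.51.100.9 [10/Mar/2024:12:04:40 +0000] "GET /admin HTTP/1.1" 403
198.51.100.9 [10/Mar/2024:12:09:00 +0000] "GET /about HTTP/1.1" 200
"""

LINE_RE = re.compile(r'^(\S+) \[([^\]]+)\] "[^"]*" (\d{3})$')
BLOCK_STATUSES = {403, 406}      # assumption: codes this WAF returns on a block
WINDOW = timedelta(seconds=30)   # assumption: probes follow the baseline quickly
MIN_BLOCKED = 3                  # assumption: burst size worth alerting on

def parse(log_text):
    """Yield (client, timestamp, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        yield m.group(1), ts, int(m.group(3))

def find_probing_clients(log_text):
    """Return {client: blocked_count} where a served request precedes a block burst."""
    by_client = defaultdict(list)
    for client, ts, status in parse(log_text):
        by_client[client].append((ts, status))
    flagged = {}
    for client, events in by_client.items():
        events.sort()
        for i, (ts, status) in enumerate(events):
            if status in BLOCK_STATUSES:
                continue  # the baseline must be a request that was not blocked
            blocked = sum(1 for t, s in events[i + 1:]
                          if t - ts <= WINDOW and s in BLOCK_STATUSES)
            if blocked >= MIN_BLOCKED:
                flagged[client] = blocked
                break
    return flagged

if __name__ == "__main__":
    print(find_probing_clients(SAMPLE_LOG))
```

The second client is not flagged: its single blocked request arrives minutes after its normal one, which looks like ordinary browsing rather than a probe burst.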

The tool will allow an attacker to detect a number of WAFs, including:

  • Anquanbao
  • FortiWeb
  • Naxsi
  • Cisco ACE XML Gateway
  • AWS WAF
  • Citrix
  • F5 BIG-IP APM
  • 360WangZhanBao
  • Mission Control Application Shield
  • PowerCDN
  • DenyALL WAF
  • Trustwave
  • ModSecurity
  • Imperva SecureSphere
  • Incapsula WAF
  • Microsoft ISA Server

You can read more and download the tool over here: https://github.com/EnableSecurity/wafw00f
