WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.
How does it work:
To do its magic, WAFW00F does the following:
- Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
- If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
- If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
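The three stages above can be sketched as follows. This is an added example, not WAFW00F's own code: the signatures, product names (`ExampleShield`, `BlockPageWAF`) and response records are constructed, and the stage 3 comparison is a simplified assumption about what "another simple algorithm" could look like. It runs entirely on in-memory data and shows which response differences make a WAF identifiable.

```python
import re

# Constructed signatures for two made-up products (not WAFW00F's real rules).
SIGNATURES = {
    "ExampleShield": ("server", re.compile(r"exampleshield", re.I)),
    "BlockPageWAF": ("body", re.compile(r"blocked by BlockPageWAF", re.I)),
}

def resp(status, server="nginx", body=""):
    """Build a constructed response record (no network traffic involved)."""
    return {"status": status, "server": server, "body": body}

def match_signatures(r):
    """Names of products whose signature matches one response."""
    if r is None:  # None models a dropped connection
        return []
    return [name for name, (field, rx) in SIGNATURES.items() if rx.search(r[field])]

def generic_detect(normal, probes):
    """Stage 3: does anything answer the probes differently from the normal request?"""
    reasons = []
    for r in probes:
        if r is None:
            reasons.append("connection dropped on probe")
        elif r["status"] != normal["status"]:
            reasons.append(f"status changed {normal['status']} -> {r['status']}")
        elif r["server"] != normal["server"]:
            reasons.append("Server header changed on probe")
    return reasons

def identify(normal, probes):
    """Run the three stages in order and return (stage, findings)."""
    hits = match_signatures(normal)  # stage 1: normal request only
    if hits:
        return ("passive", hits)
    hits = sorted({n for r in probes for n in match_signatures(r)})  # stage 2
    if hits:
        return ("active", hits)
    reasons = generic_detect(normal, probes)  # stage 3: generic comparison
    return ("generic", reasons) if reasons else ("none", [])

if __name__ == "__main__":
    plain = resp(200)
    print(identify(resp(200, server="ExampleShield/2.1"), []))
    print(identify(plain, [resp(403, body="Request blocked by BlockPageWAF")]))
    print(identify(plain, [resp(403, body="Forbidden"), None]))
    print(identify(plain, [resp(200)]))
```

A deployment that returns the same status code, headers and body style for blocked and normal requests gives stage 1 and stage 3 nothing to compare.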
It detects a number of WAFs. To view which WAFs it is able to detect, run WAFW00F with the -l option. At the time of writing the output is as follows:
How do I use it:
First, install the tools as described under "How do I install it" below.
For help please make use of the --help option. The basic usage is to pass it a URL as an argument. Example:
How do I install it:
The following should do the trick:
python setup.py install