WAFW00F v1.0.0 - Bring Out All The Web Application Firewalls!


WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.

How does it work?
To do its magic, WAFW00F does the following:
  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
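
The three-stage logic above, as an added example that is not WAFW00F's own code: it classifies already-captured responses rather than sending traffic. The product names, signature rules, comparison heuristic and sample responses are all constructed for illustration.

```python
import re

# Constructed signature rules for two hypothetical products (not real fingerprints).
# Each rule: (kind, key, regex); a product matches when any one of its rules matches.
SIGNATURES = {
    "ExampleShield": [("header", "server", r"^exampleshield")],
    "DemoGate": [("cookie", "dg_session", r".+"),
                 ("status_body", 403, r"blocked by demogate")],
}

def rule_matches(rule, resp):
    kind, key, pattern = rule
    if kind == "status_body":
        return resp["status"] == key and bool(re.search(pattern, resp["body"], re.I))
    value = resp["headers" if kind == "header" else "cookies"].get(key, "")
    return bool(re.search(pattern, value, re.I))

def identify(resp):
    """Return the products whose rules match a single captured response."""
    return sorted(n for n, rules in SIGNATURES.items()
                  if any(rule_matches(r, resp) for r in rules))

def generic_detect(baseline, probe):
    """Assumed heuristic: a changed status or Server header hints at a filter."""
    reasons = []
    if baseline["status"] != probe["status"]:
        reasons.append(f"status {baseline['status']} -> {probe['status']}")
    if baseline["headers"].get("server") != probe["headers"].get("server"):
        reasons.append("server header changed")
    return reasons

def fingerprint(baseline, probes):
    """Stage 1: normal response; stage 2: probe responses; stage 3: comparison."""
    for stage, responses in (("normal", [baseline]), ("probe", probes)):
        for resp in responses:
            found = identify(resp)
            if found:
                return {"waf": found, "stage": stage}
    for probe in probes:
        reasons = generic_detect(baseline, probe)
        if reasons:
            return {"waf": ["generic"], "stage": "comparison", "reasons": reasons}
    return {"waf": [], "stage": "none"}

# Constructed sample responses (header names lower-cased by the capture step).
NORMAL = {"status": 200, "headers": {"server": "nginx"}, "cookies": {}, "body": "ok"}
KNOWN = {"status": 403, "headers": {"server": "nginx"}, "cookies": {},
         "body": "Request blocked by DemoGate"}
UNKNOWN = {"status": 406, "headers": {}, "cookies": {}, "body": "Not Acceptable"}
```

Run against responses from your own edge, the same comparison shows which headers, cookies and block pages give the product away to an external scanner.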

What does it detect?
It detects a number of WAFs. To view which WAFs it is able to detect run WAFW00F with the -l option. At the time of writing the output is as follows:
    $ wafw00f -l

                  ______
                 /      \
                (  Woof! )
                 \______/                      )
                 ,,                           ) (_
            .-. -    _______                 ( |__|
           ()``; |==|_______)                .)|__|
           / ('        /|\                  (  |__|
       (  /  )        / | \                  . |__|
        \(_)_))      /  |  \                   |__|

        WAFW00F - Web Application Firewall Detection Tool

    Can test for these WAFs:

    BlockDoS (BlockDoS)
    Armor Defense (Armor)
    ACE XML Gateway (Cisco)
    Malcare (Inactiv)
    RSFirewall (RSJoomla!)
    PerimeterX (PerimeterX)
    Varnish (OWASP)
    Barracuda Application Firewall (Barracuda Networks)
    Anquanbao (Anquanbao)
    NetContinuum (Barracuda Networks)
    HyperGuard (Art of Defense)
    Incapsula (Imperva Inc.)
    Safedog (SafeDog)
    NevisProxy (AdNovum)
    SEnginx (Neusoft)
    BitNinja (BitNinja)
    Janusec Application Gateway (Janusec)
    NinjaFirewall (NinTechNet)
    Edgecast (Verizon Digital Media)
    Alert Logic (Alert Logic)
    Cloudflare (Cloudflare Inc.)
    SecureSphere (Imperva Inc.)
    Bekchy (Faydata Technologies Inc.)
    Kona Site Defender (Akamai)
    Wallarm (Wallarm Inc.)
    Cloudfront (Amazon)
    aeSecure (aeSecure)
    eEye SecureIIS (BeyondTrust)
    VirusDie (VirusDie LLC)
    DOSarrest (DOSarrest Internet Security)
    SiteGround (SiteGround)
    Chuang Yu Shield (Yunaq)
    Yunsuo (Yunsuo)
    NAXSI (NBS Systems)
    UTM Web Protection (Sophos)
    Approach (Approach)
    NetScaler AppFirewall (Citrix Systems)
    DynamicWeb Injection Check (DynamicWeb)
    Xuanwudun
    WebTotem (WebTotem)
    Comodo (Comodo CyberSecurity Solutions)
    WTS-WAF (WTS)
    PowerCDN (PowerCDN)
    BIG-IP Access Policy Manager (F5 Networks)
    BinarySec (BinarySec)
    Greywizard (Grey Wizard)
    Shield Security (One Dollar Plugin)
    ASP.NET Generic Web Application Protection
    CacheWall (Varnish)
    Expression Engine (EllisLab)
    Airlock (Phion/Ergon)
    WatchGuard (WatchGuard Technologies)
    WP Cerber Security (Cerber Tech)
    Yunjiasu (Baidu Cloud Computing)
    DenyALL (Rohde & Schwarz CyberSecurity)
    AnYu (AnYu Technologies)
    Secure Entry (United Security Providers)
    ISA Server (Microsoft)
    Yundun (Yundun)
    FirePass (F5 Networks)
    GoDaddy Website Protection (GoDaddy)
    Imunify360 (CloudLinux)
    Safe3 Web Firewall (Safe3)
    WebSEAL (IBM)
    NSFocus (NSFocus Global Inc.)
    360WangZhanBao (360 Technologies)
    Squarespace (Squarespace)
    Imperva SecureSphere
    Bluedon (Bluedon IST)
    AliYunDun (Alibaba Cloud Computing)
    Wordfence (Feedjit)
    Palo Alto Next Gen Firewall (Palo Alto Networks)
    Tencent Cloud Firewall (Tencent Technologies)
    West263CDN
    WebARX (WebARX Security Solutions)
    Mission Control Application Shield (Mission Control)
    BIG-IP Local Traffic Manager (F5 Networks)
    Sitelock (TrueShield)
    ZScaler (Accenture)
    CrawlProtect (Jean-Denis Brun)
    Teros (Citrix Systems)
    AWS Elastic Load Balancer (Amazon)
    Cloudbric (Zendesk)
    StackPath (StackPath)
    URLScan (Microsoft)
    Sucuri (Sucuri Inc.)
    TransIP Web Firewall (TransIP)
    OnMessage Shield (BlackBaud)
    Distil (Distil Networks)
    Profense (ArmorLogic)
    ModSecurity (SpiderLabs)
    FortiWeb (Fortinet)
    XLabs Security WAF (XLabs)
    ASP.NET RequestValidationMode (Microsoft)
    Jiasule (Jiasule)
    ChinaCache CDN Load Balancer (ChinaCache)
    URLMaster SecurityCheck (iFinity/DotNetNuke)
    Reblaze (Reblaze)
    Newdefend (NewDefend)
    Trafficshield (F5 Networks)
    KS-WAF (KnownSec)
    SiteGuard (Sakura Inc.)
    CdnNS Application Gateway (CdnNs/WdidcNet)
    DataPower (IBM)
    WebKnight (AQTRONIX)
    BIG-IP Application Security Manager (F5 Networks)
    Barikode (Ethic Ninja)
    Zenedge (Zenedge)
    SonicWall (Dell)
    DotDefender (Applicure Technologies)
    USP Secure Entry Server
    AppWall (Radware)

How do I use it?
First, install the tools as described here.
For help please make use of the --help option. The basic usage is to pass it a URL as an argument. Example:
    $ wafw00f https://example.org

                  ______
                 /      \
                (  Woof! )
                 \______/                      )
                 ,,                           ) (_
            .-. -    _______                 ( |__|
           ()``; |==|_______)                .)|__|
           / ('        /|\                  (  |__|
       (  /  )        / | \                  . |__|
        \(_)_))      /  |  \                   |__|

        WAFW00F - Web Application Firewall Detection Tool

    Checking https://example.org
    The site https://example.org is behind Edgecast (Verizon Digital Media) WAF.
    Number of requests: 1

How do I install it?
The following should do the trick:
python setup.py install

Looking for pentesters?
More information about the services that we offer at Enable Security

How do I write my own new checks?
Follow the instructions on the wiki

