Wafw00f – Web Application Firewall Detection Tool


Hi, Manish Bhardwaj here. Today we are going to learn about wafw00f, a Kali Linux tool used for detecting web application firewalls (WAFs) on a website.
This is a Web Application Firewall Detection Tool.
The tool was written by Sandro Gauci and G. Henrique.
 
It will help you detect the WAF (Web Application Firewall) behind any domain.
A WAF will typically be present in a web application where Strict Transport Security is enabled, such as a banking website or an e-commerce website. While conducting a pentest, detecting the WAF comes under recon and mapping the web application architecture. In black-box testing, one should detect the presence of a WAF and evaluate it. This plays a crucial part in determining the methods to proceed with during a web application penetration test.
Wafw00f is simply a Python tool which automates a set of procedures used in finding a WAF. It queries a web server with a set of HTTP requests and methods, analyses the responses, and detects the firewall in place.
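A simplified sketch of the analyse-the-responses step described above, added here as an example; it is not wafw00f's own code. The signature table, function names and sample responses are constructed for illustration, and the code works on responses that were already collected rather than sending any traffic.

```python
import re

# Illustrative signatures only: response headers/cookies commonly associated
# with these products. A real tool ships a far larger, maintained set.
SIGNATURES = {
    "Cloudflare": [("server", r"^cloudflare$"), ("cf-ray", r".+")],
    "Sucuri": [("x-sucuri-id", r".+"), ("server", r"sucuri")],
    "Imperva Incapsula": [("x-iinfo", r".+"),
                          ("set-cookie", r"(visid_incap|incap_ses)_")],
}

def _headers(response):
    # HTTP header names are case-insensitive, so compare in lower case.
    return {k.lower(): v for k, v in response["headers"].items()}

def match_vendors(response):
    """Vendors whose signature matches any header of this response."""
    hdrs = _headers(response)
    return [vendor for vendor, rules in SIGNATURES.items()
            if any(re.search(pat, hdrs.get(name, ""), re.I)
                   for name, pat in rules)]

def generic_differences(baseline, probe):
    """How the response to a suspicious-looking request differs from normal."""
    reasons = []
    if probe["status"] != baseline["status"]:
        reasons.append(f"status {baseline['status']} -> {probe['status']}")
    if _headers(baseline).get("server") != _headers(probe).get("server"):
        reasons.append("Server header changed")
    return reasons

def detect(baseline, probe):
    """Prefer a named signature; fall back to behavioural differences."""
    vendors = sorted(set(match_vendors(baseline) + match_vendors(probe)))
    if vendors:
        return {"waf": vendors, "evidence": "signature"}
    reasons = generic_differences(baseline, probe)
    if reasons:
        return {"waf": ["generic"], "evidence": "; ".join(reasons)}
    return {"waf": [], "evidence": "none"}

# Constructed sample responses (not captured from any real site).
PLAIN = {"status": 200, "headers": {"Server": "nginx"}}
CLOUDFLARE = {"status": 200, "headers": {"Server": "cloudflare",
                                         "CF-RAY": "0000000000000000-XXX"}}
BLOCKED = {"status": 403, "headers": {"Server": "nginx"}}

if __name__ == "__main__":
    print(detect(PLAIN, PLAIN))
    print(detect(CLOUDFLARE, CLOUDFLARE))
    print(detect(PLAIN, BLOCKED))
```

For site owners, the same logic shows which response headers and status-code changes reveal the WAF product in front of an application.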
Happy Learning:)
