Introduction
This is a Web Application Firewall Detection Tool.The tool was written by – Sandro Gauci And G. Henrique.
It will help you detect the WAF ( Web Application Firewall ) behind the any domain.
Wiffit (Wafw00f ) can test for these Firewalls listed in the image -
If any firewall is detected from the list it will display on-screen
How Wiffit (Wafw00f) detects Web Application Firewall (WAF)
To detect WAF it looks for the following things :
- Cookies
- ServerCloaking
- Response Codes
- Drop Action
- Pre Built-In Rules
How to Open Wiffit On Kali Linux
Applications > Kali Linux > Information Gathering > IDS/IPS Identification > wafw00fwafw00f is open now , see the below image for more details -
How to use wafw00f
Example 1 :Usage :
- root@root :
wafw00f [ target url ]
- Example :
wafw00f www.***.com
- This example shows that www.***.com is behind the Web Application Firewall.
- www.***.com is behind the Imperva WAF.
Example 2 :
- Here google.com is also behind the WAF .
- All these images shows
these website are using IDS and it blocks my request all the time .
Example 3 :
- Flipkart is also using
WAF (Web Application Firewall)
Example 4 :wafw00f -a http://www.google.com/
Nothing found there either.
Nothing found there either.
No comments:
Post a Comment