August 13, 2020

What is the Wafw00f (Waffit) Tool?

A WAF (Web Application Firewall) helps protect a web application by filtering and monitoring the HTTP traffic between the application and the internet.

It typically protects web applications from attacks such as cross-site request forgery (CSRF), cross-site scripting (XSS), file inclusion, and SQL injection. A WAF is not designed to defend against every attack; it is one mitigation layer that is usually combined with other controls to form a holistic defence against a range of attack vectors.

What is WAFW00F?

Wafw00f is a simple WAF detection tool. Simple to use, that is: under the hood it is driven by a large set of detection plugins, one per product, so there is little for us to configure.

Knowing what kind of firewall sits in front of the target before a security test lets us choose our test methods accordingly, for example which payload encodings or evasion techniques are worth trying. Wafw00f exists to make that detection easy, and it is installed by default in Kali Linux. It can also be installed on other operating systems. It is open source, and if you want to review the code you can visit https://github.com/sandrogauci/wafw00f.

So what does wafw00f actually do? It first sends a normal HTTP request and records the response. It then sends requests that look like attacks, for example unusual injection payloads, and analyses the responses again. If a known WAF is in front of the target, its signature shows up in the responses (specific headers, cookies, status codes or block pages). If no signature matches but the attack-like requests are treated differently from the normal one, wafw00f reports a generic, unidentified WAF. Two caveats: a WAF running in monitoring mode, or one that silently drops requests, may not be detected at all, and an application that rejects odd input with a 403 on its own can look like a generic WAF.
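To make the sequence concrete, here is an added example (my own code, not part of wafw00f or of the original post) that implements the same idea in Python: a baseline request, three attack-looking probes, a small signature table and a generic fallback. The signature table is an illustrative subset of what the real plugins carry, the probe payloads and the constructed fake targets in make_fake_site are assumptions for the demonstration, and fetch_http is a standard-library stand-in for the requests-based client the real tool uses.

```python
"""Added example, not wafw00f's own code: the detection approach described
above, reduced to its essentials. Signatures are an illustrative subset."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional
from urllib.parse import quote
import urllib.error
import urllib.request


@dataclass
class Response:
    status: int
    headers: Dict[str, str] = field(default_factory=dict)  # names lower-cased
    body: str = ""


Fetcher = Callable[[str], Response]

# Attack-looking probes appended to the URL as a query string (assumed set).
PROBES: List[str] = [
    "?q=<script>alert(1)</script>",   # reflected XSS
    "?id=1' OR '1'='1",               # SQL injection
    "?file=../../../../etc/passwd",   # path traversal
]

# Known-product signatures (illustrative subset; wafw00f ships one plugin
# per product). Cloudflare's cf-ray header and Incapsula's visid_incap_
# cookie are documented vendor markers; the ModSecurity body check is a
# weak heuristic included as an assumption to be verified against a target.
SIGNATURES: Dict[str, Callable[[Response], bool]] = {
    "Cloudflare": lambda r: "cf-ray" in r.headers
    or r.headers.get("server", "").lower() == "cloudflare",
    "Incapsula": lambda r: r.headers.get("x-cdn", "").lower() == "incapsula"
    or "visid_incap_" in r.headers.get("set-cookie", ""),
    "ModSecurity": lambda r: "mod_security" in r.body.lower()
    or "modsecurity" in r.body.lower(),
}

# Status codes that suggest a request was refused rather than served.
BLOCK_STATUSES = {400, 403, 406, 419, 429, 501, 503}


def detect(fetch: Fetcher, url: str) -> dict:
    """Run the wafw00f-style probe sequence against `url` through `fetch`.
    Returns {'waf': product name or None, 'generic': bool, 'requests': int}."""
    responses = [fetch(url)]                        # 1. normal baseline request
    for probe in PROBES:                            # 2. attack-looking requests
        responses.append(fetch(url + quote(probe, safe="?=&/")))
    for name, matches in SIGNATURES.items():        # 3. known signature anywhere
        if any(matches(r) for r in responses):
            return {"waf": name, "generic": False, "requests": len(responses)}
    baseline = responses[0]                         # 4. generic: attacks treated differently
    generic = baseline.status not in BLOCK_STATUSES and any(
        r.status in BLOCK_STATUSES for r in responses[1:]
    )
    return {"waf": None, "generic": generic, "requests": len(responses)}


def fetch_http(url: str, timeout: float = 10.0) -> Response:
    """Real fetcher on the standard library, for hosts you are authorised to test."""
    req = urllib.request.Request(url, headers={"User-Agent": "Mozilla/5.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            hdrs = {k.lower(): v for k, v in resp.headers.items()}
            return Response(resp.status, hdrs, resp.read(4096).decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:           # 4xx/5xx responses still carry signatures
        hdrs = {k.lower(): v for k, v in err.headers.items()}
        return Response(err.code, hdrs, err.read(4096).decode("utf-8", "replace"))


def make_fake_site(waf: Optional[str]) -> Fetcher:
    """Constructed offline stand-in for a target (no real traffic is sent):
    None -> no WAF; 'cloudflare' -> Cloudflare markers, attacks get 403;
    'unknown' -> attacks get 403 but nothing identifying is revealed."""
    def fetch(url: str) -> Response:
        is_attack = "?" in url                      # probes carry a query string
        if waf == "cloudflare":
            # constructed header values, shaped like the real ones
            hdrs = {"server": "cloudflare", "cf-ray": "5f1a2b3c4d5e6f70-FRA"}
            if is_attack:
                return Response(403, hdrs, "Attention Required! | Cloudflare")
            return Response(200, hdrs, "<html>ok</html>")
        if waf == "unknown" and is_attack:
            return Response(403, {"server": "Apache"}, "Forbidden")
        return Response(200, {"server": "Apache"}, "<html>ok</html>")
    return fetch


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                           # live run: python waf_detect.py https://host/
        print(detect(fetch_http, sys.argv[1]))
    else:                                           # offline demo on the constructed sites
        for label in (None, "cloudflare", "unknown"):
            print(label, detect(make_fake_site(label), "http://example.test/"))
```

Run without arguments and the three constructed targets come back as no WAF, Cloudflare, and a generic detection respectively, which are the same three verdicts wafw00f prints. Note the order of the checks: a signature match anywhere in the exchange, including on the baseline request, identifies the product, and only when nothing matches does the difference in treatment between normal and attack-like requests decide the generic case.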


Products that the Wafw00f tool can recognize (a partial list; the current plugin set is considerably larger)

Applicure dotDefender
Art of Defence HyperGuard
Aqtronix WebKnight
Barracuda Application Firewall
BinarySec
Cisco ACE XML Gateway
Citrix NetScaler
Cloudflare
DenyALL WAF
eEye Digital Security – SecureIIS
F5 FirePass
F5 TrafficShield
F5 BIG-IP (LTM, APM, ASM)
IBM Web Application Security
IBM DataPower
Imperva SecureSphere
InfoGuard Airlock
Incapsula WAF
Juniper WebApp Secure
Microsoft ISA Server
Microsoft UrlScan
NetContinuum
Profense
TrustWave ModSecurity
Teros WAF
USP Secure Entry Server

Installing Wafw00f

If wafw00f is missing from your Kali Linux installation, run “apt install wafw00f”. On other Linux distributions and on Windows (with Python installed) you can clone https://github.com/enablesecurity/wafw00f.git and run the setup script, or install the published package with “pip install wafw00f”.

Dependencies

requests – to make the HTTP requests
pluginbase – plugin loader for Python projects, used to load the per-product detection plugins

Using the Wafw00f Tool

Open a terminal in Kali Linux. Typing “wafw00f -h” prints the usage information for the tool.

wafw00f -h

In the first example the output states that no WAF was detected and that 7 requests were sent. The -a (--findall) switch tells wafw00f to keep testing after the first match rather than stop at the first WAF it identifies, which matters when several products are layered, for example a CDN in front of an on-premise WAF.

wafw00f -a www

In the second example the https:// site is reported as being behind a WAF or some kind of security solution: the attack-like requests were handled differently from the normal one, but none of the known signatures matched, so the product could not be identified.

wafw00f -a https://www
