User Tools

Site Tools


WAFW00F Package Description

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.

How does it work?

To do its magic, WAFW00F does the following:

Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions

If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is

If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.


WAFW00F Homepage | BlackWeb WAFW00F Repo

wafw00f.txt · Last modified: 2019/05/01 13:43 by admin

(C) BlackWeb Security 2017 - 2020