Waffit (wafwoof) - Web Application Firewall Detection Tool | Backtrack 5 R3 | Tutorial

WAFW00F allows to identify and fingerprint WAF products protecting a website. This tool was written by Sandro Gauci && Wendel G. Henrique.

  1. This tool can only detect limited numbers of firewalls, listed below.
  2. Profense
  3. NetContinuum
  4. Barracuda
  5. HyperGuard
  6. BinarySec
  7. Teros
  8. F5 Trafficshield
  9. F5 ASM
  10. Airlock
  11. Citrix NetScaler
  12. ModSecurity
  13. DenyALL
  14. dotDefender
  15. webApp.secure
  16. BIG-IP
  17. URLScan
  18. WebKnight
  19. SecureIIS
  20. Imperva


How to open it:-
To open it goto, Backtrack >> Information Gathering >> Web Application Analysis >> IDS IPS Identification >> waffit or you can also open it through Terminal by opening this directory   cd /pentest/web/waffi.

How to use it:-
To use it, run this command ./wafw00f.py  

Verbose mode usage:-
To use it in verbose mode, run this command ./wafw00f.py -v.

There are few more options available for this tool, you can see it by running this command ./wafw00f.py -h.

I hope this article have helped you.

Post a Comment

M14 Network Inc. | Hassnain Arts