wafw00f


Web application firewalls (WAFs) are firewalls designed to protect web applications from web-based attacks. Unlike a network firewall, a WAF focuses on enforcing rules for HTTP and HTTPS traffic.

WafW00f is a tool that attempts to identify and fingerprint web application firewalls. It does this by sending HTTP requests to the target and analyzing the responses for signatures of known products. WafW00f has a large and growing list of web application firewalls that it can identify through its scans. It is particularly helpful for penetration testers investigating their targets for weaknesses and vulnerabilities, and for defenders checking that their own sites are actually fronted by the WAF they expect.


In this article I will walk through the process of using wafw00f to identify web application firewalls. For this walkthrough I used the preinstalled version of wafw00f found in the Kali Linux distro.


  1. To open wafw00f you can use the Kali menu and navigate to Information Gathering > IDS/IPS Identification. This will open a terminal window with wafw00f displaying its help screen.

Alternatively you can simply open a terminal window and type "wafw00f".

wafw00f

  2. To run a scan against a target, simply type "wafw00f" followed by the target's hostname or IP address. Be sure to include the protocol (i.e. http:// or https://) when typing out the address.

wafw00f http://testaspnet.vulnweb.com

  3. Wafw00f will then perform its scan and display its results. If successful, you will see information indicating the type or brand of the web application firewall used by your target.





Additional Features and Functions:


Saving Results:


Wafw00f allows you to write its results to an output file in CSV, TXT, or JSON format; the format is chosen from the file extension. The following will save a wafw00f scan to my desktop in JSON format.



wafw00f http://testaspnet.vulnweb.com -o /home/kali/Desktop/results.json





Using Input Files:

Wafw00f allows you to conduct a scan using an input file. This file contains a list of targets, one per line, and lets you scan multiple targets in a single run.

In the screenshot below you can see that I have a text file named targets.txt containing multiple web addresses.

Using the -i option, I am able to feed the targets from my text file into wafw00f for scanning.






wafw00f -i /home/kali/Desktop/targets.txt







Once the scan is complete wafw00f will list all of the targets and their associated results. 
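When scanning a list of your own hosts with -i and saving with -o, the JSON file is easier to review with a small script than by eye. The following is an added example of mine, not part of wafw00f itself; the field names url/detected/firewall/manufacturer are my assumption about the shape of wafw00f's JSON output, and the sample results below are constructed, so check both against a real results.json from your own scan.

```python
import json
from collections import Counter

# Constructed sample of a wafw00f JSON results file (what -o results.json
# would hold after a multi-target -i targets.txt scan). The keys
# url/detected/firewall/manufacturer are assumed, not taken from the page.
SAMPLE_RESULTS = json.dumps([
    {"url": "https://app1.example.com", "detected": True,
     "firewall": "Cloudflare", "manufacturer": "Cloudflare Inc."},
    {"url": "https://app2.example.com", "detected": True,
     "firewall": "Cloudflare", "manufacturer": "Cloudflare Inc."},
    {"url": "https://legacy.example.com", "detected": False,
     "firewall": "None", "manufacturer": "None"},
    {"url": "https://api.example.com", "detected": True,
     "firewall": "ModSecurity", "manufacturer": "SpiderLabs"},
])


def load_results(text):
    """Parse wafw00f JSON output into a list of per-target result dicts."""
    data = json.loads(text)
    if not isinstance(data, list):
        raise ValueError("expected a JSON array of per-target results")
    return data


def coverage_report(results, expected_firewall):
    """Summarise WAF coverage across the scanned targets.

    'unprotected' lists targets where no WAF was detected, 'mismatched'
    lists targets fronted by something other than expected_firewall, and
    'by_firewall' counts how many targets each product was seen on.
    """
    unprotected = [r["url"] for r in results if not r.get("detected")]
    mismatched = [r["url"] for r in results
                  if r.get("detected") and r.get("firewall") != expected_firewall]
    counts = Counter(r.get("firewall", "None") for r in results)
    return {"unprotected": unprotected, "mismatched": mismatched,
            "by_firewall": dict(counts)}


if __name__ == "__main__":
    # Replace SAMPLE_RESULTS with open("results.json").read() for a real scan.
    report = coverage_report(load_results(SAMPLE_RESULTS), "Cloudflare")
    for url in report["unprotected"]:
        print(f"[!] no WAF detected: {url}")
    for url in report["mismatched"]:
        print(f"[?] unexpected WAF in front of: {url}")
    print("totals by firewall:", report["by_firewall"])
```

A host showing up as unprotected or mismatched is worth a closer look, since a missed DNS cutover or a stale origin record will leave it reachable outside the WAF.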




