WAFW00F

The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository.

Features

Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions
Web Application Firewall Fingerprinting Tool
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website
It sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is
It analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks

Project Samples

Project Activity

See All Activity >

License

BSD License

Follow WAFW00F

WAFW00F Web Site

Other Useful Business Software

$300 Free Credits for Your Google Cloud Projects

Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.

Start Free Trial

Rate This Project

User Reviews

Be the first to post a review of WAFW00F!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Web Application Firewalls (WAF)

Registered

2023-08-02

Similar Business Software

Cloudflare

Cloudflare is the foundation for your infrastructure, applications, and teams. Cloudflare secures and ensures the reliability of your external-facing resources such as websites, APIs, and applications. It protects your internal resources such as behind-the-firewall applications, teams, and...

See Software
Fortinet FortiWeb Web Application Firewall

Unprotected web applications and APIs are the easiest point of entry for hackers and vulnerable to a number of attack types. FortiWeb's AI-enhanced and multi-layered approach protects your web apps from the OWASP Top 10 and more. FortiWeb ML customizes the protection of each application,...

See Software
Alibaba Cloud WAF

Web Application Firewall (WAF) protects your website servers against intrusions. Our service detects and blocks malicious traffic directed to your websites and applications. WAF secures your core business data and prevents server malfunctions caused by malicious activities and attacks. Alibaba...

See Software
SafeLine WAF

SafeLine WAF is a self-hosted, semantic-based Web Application Firewall developed by the team at Chaitin Technology. It focuses on protecting web applications from a wide range of threats, especially zero-day and application-layer (Layer 7) attacks, with high precision and minimal false...

See Software
SKUDONET

SKUDONET Enterprise Edition is an Application Delivery and Security Platform built on Linux Debian 12.5 LTS for critical enterprise environments. Formerly known as Zevenet, it provides advanced L4/L7 load balancing, integrated WAF, TLS management with Let’s Encrypt and wildcard support, and...

See Software
CacheGuard

CacheGuard-OS is a free, open-source Linux-based network security appliance OS that turns any standard x86 machine into a UTM gateway. It sits between your devices and your ISP router, becoming the checkpoint for all internet traffic — no IT team required. Open-source since its first release,...

See Software