wafw00f
Web Application Firewall detection tool
TLDR
Detect WAF
SYNOPSIS
wafw00f [-l] [-a] [-v] [options] url
DESCRIPTION
wafw00f is a security tool that identifies Web Application Firewalls (WAFs) protecting websites. It works by sending specially crafted HTTP requests and analyzing the responses for signatures and behaviors characteristic of specific WAF products.
The tool can detect a wide range of commercial and open-source WAFs including Cloudflare, AWS WAF, Akamai, F5 BIG-IP, ModSecurity, Imperva, Sucuri, and many others. In its default mode it stops after identifying the first WAF, while the all-detection mode tests against every known WAF fingerprint for thorough analysis.
Multiple URLs can be tested in batch from an input file, and proxy support allows routing traffic through interception tools like Burp Suite. The tool is designed for authorized penetration testing and security assessments to help identify protection measures before deeper testing.
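The signature matching and the two detection modes described above, as an added Python example that is not wafw00f's own code or fingerprint database. The markers in SIGNATURES are a few widely documented response headers picked for illustration, the sample response is constructed, and `detect` and `find_all` are names assumed here to mirror the default and -a modes.

```python
import re

# Simplified response markers (chosen for this example; not wafw00f's
# fingerprint database). Each entry: (WAF name, header name, value regex).
SIGNATURES = [
    ("Cloudflare", "server", r"^cloudflare$"),
    ("Cloudflare", "cf-ray", r".+"),
    ("Sucuri", "x-sucuri-id", r".+"),
    ("Akamai", "server", r"AkamaiGHost"),
    ("F5 BIG-IP", "set-cookie", r"\bBIGipServer[^=]*="),
]


def normalize(headers):
    """Lower-case header names and keep repeated headers (e.g. Set-Cookie)."""
    merged = {}
    for name, value in headers:
        merged.setdefault(name.lower(), []).append(value)
    return merged


def detect(headers, find_all=False):
    """Return WAF names whose markers appear in the response headers.

    find_all=False stops at the first match (the default mode described
    above); find_all=True checks every signature (the -a / --findall mode).
    """
    merged = normalize(headers)
    found = []
    for waf, header, pattern in SIGNATURES:
        if waf in found:
            continue  # already reported via another marker
        values = merged.get(header, [])
        if any(re.search(pattern, v, re.IGNORECASE) for v in values):
            found.append(waf)
            if not find_all:
                break
    return found


# Constructed sample: a CDN WAF in front of a load balancer that sets its own cookie.
SAMPLE = [
    ("Server", "cloudflare"),
    ("CF-RAY", "0000000000000000-XXX"),
    ("Set-Cookie", "BIGipServerpool_web=0000000000.00000.0000; path=/"),
    ("Set-Cookie", "session=constructed; HttpOnly"),
]

if __name__ == "__main__":
    print(detect(SAMPLE))
    print(detect(SAMPLE, find_all=True))
```

On a layered deployment like the sample, first-match mode reports only the outer product, which is why the all-detection mode matters when inventorying what a site's responses reveal.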
PARAMETERS
-l, --list
List known WAFs.
-a, --findall
Test all WAFs.
-i FILE
Input file.
-o FILE
Output file.
-v, --verbose
Verbose output.
-t TEST
Specific test.
-p PROXY
Use proxy.
DETECTED WAFS
Cloudflare, AWS WAF, Akamai, F5 BIG-IP, ModSecurity, Imperva, Sucuri, Fortinet, and many more.
CAVEATS
For authorized testing only. Some WAFs may block detection. False positives possible.
HISTORY
wafw00f was created for web application security testing. It helps penetration testers identify protection measures.
