LinuxCommandLibrary

wafw00f

TLDR

Detect WAF

$ wafw00f [https://example.com]
Test multiple URLs
$ wafw00f -i [urls.txt]
List known WAFs
$ wafw00f -l
Verbose output
$ wafw00f -v [https://example.com]
Test all WAFs
$ wafw00f -a [https://example.com]
Output to file
$ wafw00f -o [output.txt] [https://example.com]

SYNOPSIS

wafw00f [options] url [url ...]

DESCRIPTION

wafw00f identifies Web Application Firewalls (WAFs) placed in front of a web application. It sends a normal request followed by requests carrying attack-like payloads and compares the responses: differences in status code, headers, cookies or body text between the benign and the malicious-looking request reveal a filtering device.
The responses are matched against per-product fingerprints to name the WAF (ModSecurity, Cloudflare, AWS WAF and others). If no fingerprint matches but the attack-like requests are still treated differently from the benign one, wafw00f reports a generic, unidentified WAF.
Several URLs can be tested in one run, either given on the command line or read from a file with -i.
With -a (find all), testing continues past the first product match, so stacked products (for example a CDN in front of an origin-side WAF) are all reported. This is more thorough but slower.
Requests can be routed through an HTTP or SOCKS proxy with -p, which is useful for inspecting or replaying them in an interceptor such as Burp Suite.
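
The detection logic described above, reduced to its core for illustration. This is an added example written for this page, not wafw00f's own code: the product signatures, the list of blocking status codes and the sample responses are a constructed, deliberately small subset, and Response, identify and scan are names chosen here. It shows why a default run stops at the first product match while -a (find_all here) keeps going and can surface a second product behind a CDN, and how a blocked response with no product marker becomes a generic detection.

```python
"""Illustrative WAF fingerprinting in the style of wafw00f.

Added example for this page, not wafw00f's own code. The approach mirrors
the tool: compare the response to a benign request with the response to an
attack-like request, match both against product signatures, and fall back
to a generic detection when the attack request is blocked but nothing
names the product. Signatures and samples are a constructed subset.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


@dataclass
class Response:
    """Minimal stand-in for an HTTP response; header names are lower-cased."""
    status: int
    headers: Dict[str, str] = field(default_factory=dict)
    body: str = ""

    def header(self, name: str) -> str:
        return self.headers.get(name.lower(), "").lower()


# Constructed signatures (assumption: a small subset of publicly known
# markers; real fingerprints live in wafw00f's plugins). Response -> bool.
SIGNATURES: Dict[str, Callable[[Response], bool]] = {
    "Cloudflare": lambda r: "cf-ray" in r.headers or r.header("server") == "cloudflare",
    "Sucuri CloudProxy": lambda r: "x-sucuri-id" in r.headers or "sucuri" in r.header("server"),
    "Akamai": lambda r: "akamaighost" in r.header("server"),
    "F5 BIG-IP ASM": lambda r: "the requested url was rejected" in r.body.lower(),
    "ModSecurity": lambda r: "mod_security" in r.header("server"),
}

# Status codes a WAF commonly returns for a request it rejects (assumption).
BLOCK_STATUSES = {403, 406, 419, 429, 501, 503}


def identify(normal: Response, attack: Response, find_all: bool = False) -> List[str]:
    """Name the WAF(s) visible in a benign/attack response pair.

    find_all=False mirrors the default run: stop at the first product match.
    find_all=True mirrors -a: keep testing so stacked products are all listed.
    With no product match, an attack response that is blocked and differs
    from the benign one yields a generic detection.
    """
    matched: List[str] = []
    for name, check in SIGNATURES.items():
        if check(normal) or check(attack):
            matched.append(name)
            if not find_all:
                break
    if matched:
        return matched
    if attack.status != normal.status and attack.status in BLOCK_STATUSES:
        return ["Generic (unknown WAF)"]
    return []


def scan(targets: Dict[str, Tuple[Response, Response]], find_all: bool = False) -> Dict[str, List[str]]:
    """Batch over several targets, the way -i walks a URL list."""
    return {url: identify(n, a, find_all) for url, (n, a) in targets.items()}


# Constructed sample traffic per target: (benign GET /, GET /?q=<script>alert(1)</script>).
SAMPLES: Dict[str, Tuple[Response, Response]] = {
    "https://cdn.example": (
        Response(200, {"server": "cloudflare", "cf-ray": "8a1b2c3d4e5f-LHR"}),
        Response(403, {"server": "cloudflare", "cf-ray": "8a1b2c3d4e60-LHR"}, "Attention Required!"),
    ),
    # CDN in front of an origin-side product: only find_all reports both.
    "https://stacked.example": (
        Response(200, {"server": "cloudflare", "cf-ray": "8a1b2c3d4e61-LHR"}),
        Response(200, {"server": "cloudflare", "cf-ray": "8a1b2c3d4e62-LHR"},
                 "The requested URL was rejected. Please consult with your administrator."),
    ),
    # Blocked, but nothing identifies the product.
    "https://unknown.example": (
        Response(200, {"server": "nginx"}),
        Response(406, {"server": "nginx"}, "Not Acceptable"),
    ),
    # No filtering observed at all.
    "https://plain.example": (
        Response(200, {"server": "Apache"}),
        Response(200, {"server": "Apache"}),
    ),
}

if __name__ == "__main__":
    for url, wafs in scan(SAMPLES, find_all=True).items():
        print(f"{url}: {', '.join(wafs) or 'no WAF detected'}")
```

Run with find_all=False, the stacked target reports only Cloudflare; with find_all=True it also reports the F5 block page behind it, which is the practical reason to reach for -a when a CDN is in front of the application.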

PARAMETERS

-l, --list
List all WAFs that wafw00f can detect.
-a, --findall
Find all WAFs matching the signatures; do not stop at the first match.
-i FILE, --input-file FILE
Read target URLs from FILE (one per line, or a .csv/.json file).
-o FILE, --output FILE
Write results to FILE; the format (csv, json or text) follows the file extension.
-v, --verbose
Increase verbosity; repeat (-vv) for more detail.
-t TEST, --test TEST
Test only for the named WAF (use -l for the names).
-p PROXY, --proxy PROXY
Send requests through a proxy, e.g. http://hostname:8080 or socks5://hostname:1080.

DETECTED WAFS

Cloudflare, AWS WAF, Akamai, F5 BIG-IP, ModSecurity, Imperva, Sucuri, Fortinet, and many more. Run wafw00f -l for the complete list shipped with the installed version.

CAVEATS

For authorized testing only. The probes carry attack-like payloads (SQL injection and cross-site scripting strings) and will appear in the target's WAF logs; a WAF may rate-limit or block the scanning address, after which further tests return nothing useful. Results are heuristic: a named match should be confirmed manually, a CDN in front of the application can hide an origin-side WAF unless -a is used, and a server that simply answers odd requests with 403 can produce a false positive in the form of a generic detection.

HISTORY

wafw00f was created for web application security testing. It helps penetration testers identify protection measures.

SEE ALSO

nmap(1), nikto(1), wfuzz(1)
