# wafw00f

> Identify and fingerprint Web Application Firewall (WAF) products protecting a website.
> More information: <https://github.com/EnableSecurity/wafw00f/wiki/Usage#arguments-list>.

- Check if a website is using any WAF:

`wafw00f {{https://www.example.com}}`

- Test for all detectable WAFs without stopping at the first match:

`wafw00f {{[-a|--findall]}} {{https://www.example.com}}`

- Pass requests through a proxy (such as Burp Suite):

`wafw00f {{[-p|--proxy]}} {{http://localhost:8080}} {{https://www.example.com}}`

- Test for a specific WAF product (run `wafw00f --list` to get a list of all supported WAFs):

`wafw00f {{[-t|--test]}} {{Cloudflare|Cloudfront|Fastly|ZScaler|...}} {{https://www.example.com}}`

- Pass custom headers from a file:

`wafw00f {{[-H|--headers]}} {{path/to/headers.txt}} {{https://www.example.com}}`

- Read target inputs from a file and show verbose output (multiple `v` for more verbosity):

`wafw00f {{[-i|--input]}} {{path/to/urls.txt}} -{{vv}}`

- List all WAFs that can be detected:

`wafw00f {{[-l|--list]}}`
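The input-file scan above becomes a WAF coverage audit of your own sites when its results are compared against the product each site is supposed to sit behind. The following is an added example, not part of the original page or the wafw00f project. It assumes the report was written as JSON with `-o report.json` and that each row carries the keys `url`, `detected`, `firewall` and `manufacturer`; the sample report and the `EXPECTED` policy are constructed.

```python
import json

# Constructed sample in the shape assumed for a wafw00f JSON report
# (assumed keys: url, detected, firewall, manufacturer).
SAMPLE_REPORT = """[
  {"url": "https://www.example.com", "detected": true, "firewall": "Cloudflare", "manufacturer": "Cloudflare Inc."},
  {"url": "https://shop.example.com", "detected": true, "firewall": "Generic", "manufacturer": "Unknown"},
  {"url": "https://legacy.example.com", "detected": false, "firewall": "None", "manufacturer": "None"}
]"""

# Hypothetical policy: the WAF product each of your own sites should sit behind.
EXPECTED = {
    "https://www.example.com": "Cloudflare",
    "https://shop.example.com": "Cloudflare",
    "https://legacy.example.com": "Cloudflare",
    "https://api.example.com": "Fastly",
}


def audit(report_text, expected):
    """Return {url: finding} for every site whose result deviates from policy."""
    detected = {}
    for row in json.loads(report_text):
        url = row["url"].rstrip("/")
        products = detected.setdefault(url, set())
        if row.get("detected"):
            # A URL may appear in several rows (e.g. with --findall); keep every product.
            products.add(row.get("firewall", "Generic"))
    findings = {}
    for url, want in expected.items():
        if url not in detected:
            findings[url] = "not scanned (missing from report)"
        elif not detected[url]:
            findings[url] = "no WAF detected"
        elif want not in detected[url]:
            seen = ", ".join(sorted(detected[url]))
            findings[url] = f"expected {want}, saw {seen}"
    return findings


if __name__ == "__main__":
    for url, finding in sorted(audit(SAMPLE_REPORT, EXPECTED).items()):
        print(f"{url}: {finding}")
```

A "no WAF detected" finding means the fingerprints did not match, not that the site is confirmed unprotected, so treat it as a prompt to check the site's actual routing.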