WAF Detection/ Evasion

WAFw00f

https://github.com/EnableSecurity/wafw00f

 sudo python setup.py install
 wafw00f <URL>

Nmap

nmap http-waf-detect

info: https://nmap.org/nsedoc/scripts/http-waf-detect.html

nmap -p <PORT> --script http-waf-detect <HOST>

nmap -p <PORT> --script http-waf-detect --script-args="http-waf-detect.aggro,http-waf-detect.uri=/testphp.vulnweb.com/artists.php" <HOST>

nmap http-waf-fingerprint

info: https://nmap.org/nsedoc/scripts/http-waf-fingerprint.html

nmap -p <PORT> --script=http-waf-fingerprint <targets>
 
nmap -p <PORT> --script=http-waf-fingerprint --script-args http-waf-fingerprint.intensive=1 <HOST>
PreviousHeadersNextInjection

Last updated