whatwaf
Detect and bypass web application firewalls and protection systems
Details
Category: Recon
Publisher: trickest-mhmdiaa
Created Date: 1/19/2024
Container: quay.io/trickest/whatwaf:06c815a-patch-3
Source URL: https://github.com/Ekultek/WhatWaf
Parameters
csv
boolean
Command:
--csv
- Send the output to a CSV fileurl
string
requiredCommand:
--url
- Pass a single URL to detect the protectionburp
file
Command:
--burp
- Pass a Burp Suite request file to perform WAF evaluationdata
string
Command:
--data
- Send this data with the POST request (*default=random)hide
boolean
Command:
--hide
- Hide the banner during the runjson
boolean
requiredCommand:
--json
- Send the output to a JSON filelist
file
requiredCommand:
--list
- Pass a file containing URL's (one per line) to detect the protectionpost
boolean
Command:
--post
- Send a POST request (*default=GET)skip
boolean
Command:
--skip
- Skip checking for bypasses and just identify the firewalltest
boolean
Command:
--test
- Test the connection to the website before starting (*default=True)yaml
boolean
Command:
--yaml
- Send the output to a YAML fileproxy
string
Command:
--proxy
- Provide a proxy to run behind in the format type://address:port (IE socks5://10.54.127.4:1080) (*default=None)encode
string
Command:
--encode
- Encode a provided payload using provided tamper script(s) you are able to payy multiple tamper script load paths to this argument and the payload will be tampered as requestedgoogler
file
Command:
--googler
- Pass a JSON file from the Googler CMD line tool (IE googler -n 100 --json >> googler.json)headers
string
Command:
--headers
- Add your own custom headers to the request. To use multiple separate headers by comma. Your headers need to be exact(IE: Set-Cookie=a345ddsswe,X-Forwarded-For:127.0.0.1) (*default=None)threads
string
Command:
--threads
- Send requests in parallel (specify number of threads (*default=1)timeout
string
Command:
--timeout
- Control the timeout time of the requests (*default=15)verbose
boolean
Command:
--verbose
- Run in verbose mode (more output)payloads
string
Command:
--payloads
- Provide your own payloads separated by a comma IE AND 1=1,AND 2=2throttle
string
Command:
--throttle
- Provide a sleep time per request (*default=0)force-ssl
boolean
Command:
--force-ssl
- Force the assignment of HTTPS instead of HTTP while processing (*default=HTTP unless otherwise specified by URL)force-file
boolean
Command:
--force-file
- Force the creation of a file even if there is no protection identifiedtamper-int
string
Command:
--tamper-int
- Control the amount of tampers that are displayed (*default=5)user-agent
string
Command:
--pa
- Provide your own personal agent to use it for the HTTP requestsverify-num
string
Command:
--verify-num
- Change the request amount to verify if there really is not a WAF present(*default=5)encode-list
string
Command:
--encode-list
- Encode a file containing payloads (one per line) by passing the path and load path, files can only encoded using a single tamper script load pathfingerprint
boolean
Command:
--fingerprint
- Save all fingerprints for further investigationpayload-list
file
Command:
--pl
- Provide a file containing a list of payloads 1 per linerandom-user-agent
boolean
Command:
--ra
- Use a random user-agent for the HTTP requests (*default=whatwaf/2.1.6.3 (Language=3.10.12; Platform=Linux))determine-webserver
boolean
Command:
--determine-webserver
- Attempt to determine what web server is running on the backend (IE Apache, Nginx, etc.. *default=False)