whatwaf
Detect and bypass web application firewalls and protection systems
Details
Category: Recon
Publisher: trickest-mhmdiaa
Created Date: 1/19/2024
Container: quay.io/trickest/whatwaf:06c815a-patch-3
Source URL: https://github.com/Ekultek/WhatWaf
Parameters
csv
boolean
Command:
--csv - Send the output to a CSV fileurl
string
requiredCommand:
--url - Pass a single URL to detect the protectionburp
file
Command:
--burp - Pass a Burp Suite request file to perform WAF evaluationdata
string
Command:
--data - Send this data with the POST request (*default=random)hide
boolean
Command:
--hide - Hide the banner during the runjson
boolean
requiredCommand:
--json - Send the output to a JSON filelist
file
requiredCommand:
--list - Pass a file containing URL's (one per line) to detect the protectionpost
boolean
Command:
--post - Send a POST request (*default=GET)skip
boolean
Command:
--skip - Skip checking for bypasses and just identify the firewalltest
boolean
Command:
--test - Test the connection to the website before starting (*default=True)yaml
boolean
Command:
--yaml - Send the output to a YAML fileproxy
string
Command:
--proxy - Provide a proxy to run behind in the format type://address:port (IE socks5://10.54.127.4:1080) (*default=None)encode
string
Command:
--encode - Encode a provided payload using provided tamper script(s) you are able to payy multiple tamper script load paths to this argument and the payload will be tampered as requestedgoogler
file
Command:
--googler - Pass a JSON file from the Googler CMD line tool (IE googler -n 100 --json >> googler.json)headers
string
Command:
--headers - Add your own custom headers to the request. To use multiple separate headers by comma. Your headers need to be exact(IE: Set-Cookie=a345ddsswe,X-Forwarded-For:127.0.0.1) (*default=None)threads
string
Command:
--threads - Send requests in parallel (specify number of threads (*default=1)timeout
string
Command:
--timeout - Control the timeout time of the requests (*default=15)verbose
boolean
Command:
--verbose - Run in verbose mode (more output)payloads
string
Command:
--payloads - Provide your own payloads separated by a comma IE AND 1=1,AND 2=2throttle
string
Command:
--throttle - Provide a sleep time per request (*default=0)force-ssl
boolean
Command:
--force-ssl - Force the assignment of HTTPS instead of HTTP while processing (*default=HTTP unless otherwise specified by URL)force-file
boolean
Command:
--force-file - Force the creation of a file even if there is no protection identifiedtamper-int
string
Command:
--tamper-int - Control the amount of tampers that are displayed (*default=5)user-agent
string
Command:
--pa - Provide your own personal agent to use it for the HTTP requestsverify-num
string
Command:
--verify-num - Change the request amount to verify if there really is not a WAF present(*default=5)encode-list
string
Command:
--encode-list - Encode a file containing payloads (one per line) by passing the path and load path, files can only encoded using a single tamper script load pathfingerprint
boolean
Command:
--fingerprint - Save all fingerprints for further investigationpayload-list
file
Command:
--pl - Provide a file containing a list of payloads 1 per linerandom-user-agent
boolean
Command:
--ra - Use a random user-agent for the HTTP requests (*default=whatwaf/2.1.6.3 (Language=3.10.12; Platform=Linux))determine-webserver
boolean
Command:
--determine-webserver - Attempt to determine what web server is running on the backend (IE Apache, Nginx, etc.. *default=False)