wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Details
Category: Scanners
Publisher: trickest
Created Date: 9/7/2021
Container: quay.io/trickest/wafw00f:ae6a67f
Source URL: https://github.com/EnableSecurity/wafw00f
Parameters
url
string
requiredCommand:
- Specify target url(s) url1 [url2 [url3 ... ]]list
boolean
Command:
--list
- List all WAFs that WAFW00F is able to detecttest
string
Command:
--test
- Test for one specific WAFproxy
string
Command:
--proxy
- Use an HTTP proxy to perform requests, examples: http://hostname:8080, socks5://hostname:1080, http://user:pass@hostname:8080format
string
Command:
--format
- Force output format to csv, json or text.findall
boolean
Command:
--findall
- Find all WAFs which match the signatures, do not stop testing on the first oneheaders
file
Command:
--headers
- Pass custom headers via a text file to overwrite the default header set.verbose
boolean
Command:
--verbose
- Enable verbosityno-colors
boolean
Command:
--no-colors
- Disable ANSI colors in output.input-file
file
requiredCommand:
--input-file
- Read targets from a file. Input format can be csv, json or text. For csv and json, a `url` column name or element is required.noredirect
boolean
Command:
--noredirect
- Do not follow redirections given by 3xx responses