Linux cli command wafw00f

➡ A Linux man page (short for manual page) is a form of software documentation found on Linux and Unix-like operating systems. This man-page explains the command wafw00f and provides detailed information about the command wafw00f, system calls, library functions, and other aspects of the system, including usage, options, and examples of _. You can access this man page by typing man followed by the wafw00f.

  2 minute read  

NAME 🖥️ wafw00f 🖥️

Identify and fingerprint Web Application Firewall products

SYNOPSIS

wafw00f url1 [url2 [url3 … ]]

DESCRIPTION

The Web Application Firewall Identification and Fingerprinting Tool.

To do its magic, WAFW00F does the following:
Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is active>

OPTIONS

-h, –help
Show available options.

-v, –verbose
Enable verbosity - multiple -v options increase verbosity.

-a, –findall
Find all WAFs, do not stop testing on the first one.

-r, –noredirect
Do not follow redirections given by 3xx responses.

-t WAF, –test=WAF
Test for one specific WAF product.

-o OUTPUT, –output=OUTPUT
Write output to csv, json or text file depending on file extension. For stdout, specify - as filename.

-i INPUT, –input=INPUT
Read targets from a file. Input format can be csv, json or text. For csv and json, a `url` column name or element is required.

-l, –list
List all the WAFs that WAFW00F is able to detect.

-p PROXY, –proxy=PROXY
Use an HTTP proxy to perform requests, example: http://hostname:8080, socks5://hostname:1080.

-V, –version
Print out the version.

-H FILE, –headers=FILE
Pass custom headers, for example to overwrite the default user-agent string.

AUTHORS

Sandro Gauci (@SandroGauci)
Pinaki Mondal (@0xInfection)

REPORTING BUGS

You can report bugs at the project homepage issue tracker: <https://github.com/EnableSecurity/wafw00f/issues/>.

COPYRIGHT

Copyright (C) 2009-2022 WAFW00F Developers. License: BSD 3-Clause <https://opensource.org/licenses/BSD-3-Clause>.
This is free software: you are free to modify and distribute under the terms as permitted by the license provided alongwith.

SEE ALSO

Full documentation is available at: <https://github.com/EnableSecurity/wafw00f/wiki/>.

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

  █║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌

              ██╗ ██╗ ██████╗  ██████╗ ██╗  ██╗███████╗██████╗
             ████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
             ╚██╔═██╔╝██║  ██║██║   ██║ ╚███╔╝ █████╗  ██║  ██║
             ████████╗██║  ██║██║   ██║ ██╔██╗ ██╔══╝  ██║  ██║
             ╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
              ╚═╝ ╚═╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝╚══════╝╚═════╝

               █║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░