Home linux tutorial how to use wafw00f in Linux

how to use wafw00f in Linux

wafw00f The best firewall discover

Table of Contents

web application firewalls are an excellent web apps security system, but they can be attacked if the firewalls used are known to a hacker. The first step for a hacker is to find out which firewall the target is using. Also, know all the security features of the target.

Although firewalls are very good at protecting web applications, they are vulnerable when a vulnerability is detected. If firewalls are not updated regularly you can find out their rules and bypass them easily.

What is Wafw00f?

Wafw00f is a popular python program used to accurately detect the firewall of a website. Below is a list of wafw00f diagnostic firewalls.

				
					AeSecure (aeSecure)
Airlock (Phion/Ergon)
Alert Logic (Alert Logic)
AliYunDun (Alibaba Cloud Computing)
Anquanbao (Anquanbao)
AnYu (AnYu Technologies)
Approach (Approach)
Armor Defense (Armor)
ASP.NET Generic Protection (Microsoft)
Astra Web Protection (Czar Securities)
AWS Elastic Load Balancer (Amazon)
Yunjiasu (Baidu Cloud Computing)
Barikode (Ethic Ninja)
Barracuda Application Firewall (Barracuda Networks)
Bekchy (Faydata Technologies Inc.)
BinarySec (BinarySec)
BitNinja (BitNinja)
BlockDoS (BlockDoS)
Bluedon (Bluedon IST)
CacheWall (Varnish)
CdnNS Application Gateway (CdnNs/WdidcNet)
WP Cerber Security (Cerber Tech)
ChinaCache CDN Load Balancer (ChinaCache)
Chuang Yu Shield (Yunaq)
ACE XML Gateway (Cisco)
Cloudbric (Penta Security)
Cloudflare (Cloudflare Inc.)
Cloudfront (Amazon)
Comodo cWatch (Comodo CyberSecurity)
CrawlProtect (Jean-Denis Brun)
DenyALL (Rohde & Schwarz CyberSecurity)
Distil (Distil Networks)
DOSarrest (DOSarrest Internet Security)
DotDefender (Applicure Technologies)
DynamicWeb Injection Check (DynamicWeb)
Edgecast (Verizon Digital Media)
Expression Engine (EllisLab)
BIG-IP Access Policy Manager (F5 Networks)
BIG-IP Application Security Manager (F5 Networks)
BIG-IP Local Traffic Manager (F5 Networks)
FirePass (F5 Networks)
Trafficshield (F5 Networks)
FortiWeb (Fortinet)
GoDaddy Website Protection (GoDaddy)
Greywizard (Grey Wizard)
HyperGuard (Art of Defense)
DataPower (IBM)
Imunify360 (CloudLinux)
Incapsula (Imperva Inc.)
Instart DX (Instart Logic)
ISA Server (Microsoft)
Janusec Application Gateway (Janusec)
Jiasule (Jiasule)
KS-WAF (KnownSec)
Kona Site Defender (Akamai)
LiteSpeed Firewall (LiteSpeed Technologies)
Malcare (Inactiv)
Mission Control Application Shield (Mission Control)
ModSecurity (SpiderLabs)
NAXSI (NBS Systems)
Nemesida (PentestIt)
NetContinuum (Barracuda Networks)
NetScaler AppFirewall (Citrix Systems)
NevisProxy (AdNovum)
Newdefend (NewDefend)
NexusGuard Firewall (NexusGuard)
NinjaFirewall (NinTechNet)
NSFocus (NSFocus Global Inc.)
OnMessage Shield (BlackBaud)
Open-Resty Lua Nginx WAF
Palo Alto Next Gen Firewall (Palo Alto Networks)
PerimeterX (PerimeterX)
pkSecurity Intrusion Detection System
PowerCDN (PowerCDN)
Profense (ArmorLogic)
AppWall (Radware)
Reblaze (Reblaze)
RSFirewall (RSJoomla!)
ASP.NET RequestValidationMode (Microsoft)
Sabre Firewall (Sabre)
Safe3 Web Firewall (Safe3)
Safedog (SafeDog)
Safeline (Chaitin Tech.)
SecuPress WordPress Security (SecuPress)
Secure Entry (United Security Providers)
eEye SecureIIS (BeyondTrust)
SecureSphere (Imperva Inc.)
SEnginx (Neusoft)
Shield Security (One Dollar Plugin)
SiteGround (SiteGround)
SiteGuard (Sakura Inc.)
Sitelock (TrueShield)
SonicWall (Dell)
UTM Web Protection (Sophos)
Squarespace (Squarespace)
StackPath (StackPath)
Sucuri CloudProxy (Sucuri Inc.)
Tencent Cloud Firewall (Tencent Technologies)
Teros (Citrix Systems)
TransIP Web Firewall (TransIP)
URLMaster SecurityCheck (iFinity/DotNetNuke)
URLScan (Microsoft)
Varnish (OWASP)
VirusDie (VirusDie LLC)
Wallarm (Wallarm Inc.)
WatchGuard (WatchGuard Technologies)
WebARX (WebARX Security Solutions)
WebKnight (AQTRONIX)
WebSEAL (IBM)
WebTotem (WebTotem)
West263 Content Delivery Network
Wordfence (Feedjit)
WTS-WAF (WTS)
360WangZhanBao (360 Technologies)
XLabs Security WAF (XLabs)
Xuanwudun
Yundun (Yundun)
Yunsuo (Yunsuo)
Zenedge (Zenedge)
ZScaler (Accenture)
				
			

Wafw00f is already installed on kali-Linux, but with the help of python, any other device can use this tool like Termux and windows. To open this tool in Linux Information Gathering > IDS/IPS Identification > Waf00f

If you want to run the Wafw00f tool through your Linux terminal, you can run it using the command given below.

				
					wafw00f -h
				
			

How to install wafw00f?

If you want to install wafw00f on your system you must first have python installed on your device and then you can install the wafw00f tool using the commands given below.

				
					git clone https://github.com/EnableSecurity/wafw00f.git
				
			
how to use wafw00f in Linux

After downloading, change your directory to the wafw00f folder and install this tool using the command given below.

				
					cd wafw00f
python setup.py install
				
			
				
					┌──(errorsfind㉿kali)-[~]
└─$ cd wafw00f
┌──(errorsfind㉿kali)-[~/wafw00f]
└─$ python setup.py install
running install
running bdist_egg
running egg_info
creating wafw00f.egg-info
writing requirements to wafw00f.egg-info/requires.txt
writing wafw00f.egg-info/PKG-INFO
writing top-level names to wafw00f.egg-info/top_level.txt
writing dependency_links to wafw00f.egg-info/dependency_links.txt
writing manifest file 'wafw00f.egg-info/SOURCES.txt'
reading manifest file 'wafw00f.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'wafw00f.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_py
creating build
creating build/lib.linux-x86_64-2.7
creating build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/manager.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/wafprio.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/main.py -> build/lib.linux-x86_64-2.7/wafw00f
creating build/lib.linux-x86_64-2.7/wafw00f/tests
copying wafw00f/tests/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f/tests
copying wafw00f/tests/test_main.py -> build/lib.linux-x86_64-2.7/wafw00f/tests
creating build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/safe3.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/nevisproxy.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5bigipasm.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/missioncontrol.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/instartdx.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
...
Installed /usr/local/lib/python2.7/dist-packages/pluginbase-1.0.0-py2.7.egg
Searching for html5lib==1.0.1
Best match: html5lib 1.0.1
Adding html5lib 1.0.1 to easy-install.pth file

Using /usr/lib/python2.7/dist-packages
Finished processing dependencies for wafw00f==1.0.0
				
			

Scan web applications with Wafw00f

How does scanning work?

This wafw00f scanning works in three steps given below.

  1. Sends a normal HTTP request and analyses the response; this identifies several WAF solutions.
  2. If that is not successful, it sends several (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
  3. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to the attacks.

Single web address scanning

First, use the command given below to scan a single web address, But you need to link HTTP to your target website, not HTTPS.

				
					wafw00f (target web address)
				
			
how to use wafw00f in Linux

Multi web address scanning

Multi-web address scanning is the same as single web address scanning, scanning your target one after the other so you can find the firewall of all your target websites at once.

				
					wafw00f url1 [url2 [url3 ... ]]
				
			
how to use wafw00f in Linux

Find the version

Use the -V option to find the version of your WAF tool.

				
					wafw00f -V
				
			
how to use wafw00f in Linux

I hope you are fully aware of the WAF tool in this post and let me know through the command section if I did not mention anything you know.

x

No Comments

Leave A Reply

Please enter your comment!
Please enter your name here