安防工作-[/]
┌──(rootkali)-[/]
└─# wafw00f -h
Usage: wafw00f url1 [url2 [url3 … ]]
example: wafw00f http://www.victim.org/
Options:
-h, --help show this help message and exit
-v, --verbose Enable verbosity, multiple -v options increase
verbosity
-a, --findall Find all WAFs which match the signatures, do not stop testing on the first one
-r, --noredirect Do not follow redirections given by 3xx responses -t TEST, --test=TEST Test for one specific WAF
-o OUTPUT, --output=OUTPUT
Write output to csv, json or text file depending on file extension. For stdout, specify - as filename.
-i INPUT, --input-file=INPUT
Read targets from a file. Input format can be csv, json or text. For csv and json, a url column name or
element is required. -l, --list List all WAFs that WAFW00F is able to detect
-p PROXY, --proxy=PROXY
Use an HTTP proxy to perform requests, examples: http://hostname:8080, socks5://hostname:1080,
http://user:pass@hostname:8080
-V, --version Print out the current version of WafW00f and exit.
-H HEADERS, --headers=HEADERS
Pass custom headers via a text file to overwrite the
default header set.
┌──(rootkali)-[/]
└─# wafw00f www.baidu.com
______
/
( W00f! )
____/
,, __ 404 Hack Not Found
|`-.__ / / __ __
/" _/ /_/ / /
*===* / _/ / 405 Not Allowed
/ )__// /
/| / /---` 403 Forbidden
\/` | / _
` /_\_ 502 Bad Gateway / / 500 Internal Error
`_____``-` /_/ _
~ WAFW00F : v2.1.0 ~
The Web Application Firewall Fingerprinting Toolkit
[] Checking https://www.baidu.com
[+] Generic Detection results:
[] The site https://www.baidu.com seems to be behind a WAF or some sort of security solution
[~] Reason: The server header is different when an attack is detected.
The server header for a normal response is “BWS/1.1”, while the server header a response to an attack is “Apache”,
[~] Number of requests: 7
(rootkali)-[/]
