Skip to content

Web Application Firewall (WAF)

Theory

Many web applications stand behind a WAF (Web Application Firewall) that aim the protecting app from different types of attacks (XSS, SQLi, etc.) by monitoring and filtering requests. Identifying if a WAF is used, and if so what type it is, can help bypass known filters.

Practice

This can be done with tools like WAFW00F (Python), WhatWaf (Python) or nmap or sometimes by manually looking at cookies and HTTP response headers.

bash
wafw00f $URL
whatwaf -u $URL
nmap -p $PORT --script=http-waf-fingerprint,http-waf-detect $URL