X-code Professional

X-code Community

Facebook group

Telegram group

Instagram X-code

Twitter X-code

X-code Blog

X-code Github

Welcome! Anonymous

Wafid identify & fingerprint Web Application Firewall


Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya

Wafid identify & fingerprint Web Application Firewall

Postby familycode » Sat Nov 09, 2019 5:13 am


Wafid identify and fingerprint Web Application Firewall (WAF) products.

Wafid sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.

WAFid can identify these WAFs:

- 360

- Safedog

- NetContinuum

- Anquanbao

- Baidu Yunjiasu

- Knownsec KS-WAF


- Barracuda

- BinarySEC

- BlockDos

- Cisco ACE

- CloudFlare

- NetScaler

- FortiWeb

- jiasule

- Newdefend

- Palo Alto

- Safe3WAF

- Profense

- West263CDN

- WebKnight

- Wallarm

- USP Secure Entry Server

- Sucuri WAF

- Radware AppWall

- PowerCDN

- Naxsi

- Mission Control Application Shield

- IBM WebSphere DataPower

- Edgecast

- Applicure dotDefender

- Comodo WAF

- ChinaCache-CDN

- NSFocus

Download : https://github.com/CSecGroup/wafid
User avatar
Posts: 428
Joined: Thu Oct 13, 2005 4:06 pm
Location: Yogyakarta


Return to Web Hacking

Who is online

Users browsing this forum: No registered users and 11 guests