This is a Web Application Firewall Detection Tool.
The tool was written by Sandro Gauci and G. Henrique.
It helps you detect the WAF (Web Application Firewall) in front of any domain.
Wiffit (Wafw00f) can test for the firewalls listed in the image below –
If any firewall from the list is detected, it is displayed on screen.
How Wiffit (Wafw00f) detects Web Application Firewall (WAF)
To detect a WAF it looks for the following things:
- Response codes
- Drop action
- Pre-built rules
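As an added illustration (not wafw00f's own code), here is a small Python model of those three checks run over constructed responses, comparing the reply to a harmless request with the reply to an attack-looking probe. The signature table is illustrative, not wafw00f's real rule set (Cloudflare's CF-RAY header and Incapsula's X-Iinfo header are genuine examples; the ModSecurity banner check assumes the default Server string); it also shows why a WAF that neither blocks the probe nor adds a telltale header goes undetected.

```python
from dataclasses import dataclass, field

@dataclass
class Response:
    """Minimal HTTP response model: status 0 plus dropped=True means the server closed the connection."""
    status: int
    headers: dict = field(default_factory=dict)
    dropped: bool = False

    def header(self, name):
        # HTTP header names are case-insensitive
        return next((v for k, v in self.headers.items() if k.lower() == name.lower()), "")

# Illustrative signature table (constructed for this example, not wafw00f's real rule set).
# Each rule inspects a response for a header a particular product is known to add.
SIGNATURES = {
    "Cloudflare": lambda r: r.header("CF-RAY") != "",
    "Imperva Incapsula": lambda r: r.header("X-Iinfo") != "",
    "ModSecurity": lambda r: "mod_security" in r.header("Server").lower(),
}

# Status codes a WAF commonly returns when it refuses a request
BLOCK_CODES = {403, 406, 419, 429, 501}

def detect_waf(baseline, probe):
    """Compare the response to a harmless request (baseline) with the response to an
    attack-looking probe. Returns (waf_name_or_None, list_of_reasons)."""
    # 1. Pre-built rules: a known product header in either response identifies the WAF directly
    for name, rule in SIGNATURES.items():
        if rule(baseline) or rule(probe):
            return name, [f"signature header matched for {name}"]
    reasons = []
    # 2. Drop action: the probe connection was closed while the harmless request was served
    if probe.dropped and not baseline.dropped:
        reasons.append("connection dropped on probe")
    # 3. Response codes: harmless request succeeded, probe was refused
    if baseline.status == 200 and probe.status in BLOCK_CODES:
        reasons.append(f"status changed 200 -> {probe.status}")
    if reasons:
        return "Generic/unknown WAF", reasons
    # No signature and no behavioural difference: either no WAF, or one that
    # neither blocks this probe nor adds a telltale header (the "no WAF detected" case)
    return None, reasons

if __name__ == "__main__":
    # Constructed sample responses, not captured from any real site
    base = Response(200, {"Server": "nginx"})
    print(detect_waf(base, Response(403, {"Server": "nginx", "X-Iinfo": "12-34567890-0 0NNN"})))
    print(detect_waf(base, Response(0, dropped=True)))
    print(detect_waf(base, Response(200, {"Server": "nginx"})))
```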
How to Open Wiffit On Backtrack 5
Backtrack > Information Gathering > Web Application Analysis > IDS IPS Identification > waffit
How to Open Wiffit On Kali Linux
Applications > Kali Linux > Information Gathering > IDS/IPS Identification > wafw00f
wafw00f is open now; see the image below for more details –
How to use wafw00f
Example 1 :
- root@root : wafw00f [ target url ]
- This example shows that utexas.edu is behind a Web Application Firewall.
- utexas.edu is behind the Imperva WAF.
Example 2 :
- Here washington.edu is also behind a WAF.
- All these images show that these websites are using an IDS, and it blocks my requests every time.
Example 3 :
- Flipkart is also using a WAF (Web Application Firewall).
Example 4 :
- The famous Orkut website also shows that the site is behind a WAF.
Websites with no WAF
Example 5 :
- No WAF detected; they may be using a different WAF that is not in wafw00f's list.
Example 6 :
- No WAF detected on the cornell.edu website.
Examples 7, 8 and 9 : further websites with no WAF detected.
This is how we can use this tool on Backtrack 5 or Kali Linux.
I hope this tool helps you with WAF detection in your penetration testing.
If you like this tutorial, drop a comment.
One disadvantage: its scans can be easily detected, so be careful with your scans.