How To Hack: Wafw00f Tutorial – Web Application Firewall Detection Tool



This is a Web Application Firewall Detection Tool.

The tool was written by – Sandro Gauci And G. Henrique.


It will help you detect the WAF ( Web Application Firewall )  behind the any domain.

Wiffit (Wafw00f ) can test for these Firewalls listed in the image –

If any firewall is detected from the list it will display on-screen


How Wiffit (Wafw00f) detects Web Application Firewall (WAF)

To detect WAF it looks for the following things :

  • Cookies
  • ServerCloaking
  • Response Codes
  • Drop Action
  • Pre Built-In Rules

How to Open Wiffit On Backtrack 5

Backtrack > Information Gathering > Web Application Analysis > IDS IPS Identification > waffit


How to Open Wiffit On Kali Linux

Applications > Kali Linux > Information Gathering > IDS/IPS Identification > wafw00f


wafw00f is open now , see the below image for more details –


How to use wafw00f

Example 1 :

Usage :

  1. root@root :

    wafw00f [ target url ]

  2. Example :


  3. This example shows that is behind the Web Application Firewall.
  4. is behind the Imperva WAF.



Example 2 :

  • Here is also behind the WAF .
  • All these images shows these website are using IDS and it blocks my request all the time .



Example 3 :

  • Flipkart is also using WAF (Web Application Firewall)



Example 4 :

  • Famous Orkut Website also display that the site is behind the WAF.



Websites with no WAF

Example 5 :

  • No WAF Detect , may be they are using different WAF which are not in the list of wafw00f.


Example 6 :

  • No WAF Detection on website .



Example 7 :



Example  8 :



Example 9 :



This is how we can use this tool on Backtrack 5 or Kali Linux.

Hope this tool helps you in your penetration testing WAF Detection .

If you like this tutorial , then drop a comment.

One disadvantage , it can be easily detected, so be careful with your scans.

Tagged , , , , , , , , , , , , , , , . Bookmark the permalink.

3 Responses to How To Hack: Wafw00f Tutorial – Web Application Firewall Detection Tool

  1. Anonymous says:

    Hi Peter!
    Thank you for this website, I am a new visitor and found this site to be great.
    Just a question so how we avoid getting detected by the Firewall logs if we scan them.

    • Well as with most things, you would probably not want to be scanning from an IP that can be linked to you.
      You will probably want to turn your research attention to proxies, vpns, wifi, and other ways you can jump around the world before reaching your target.

  2. vineet chhabra says:

    PLease upload a blog on anonymity, vpns proxies, how to keep ourself spoofed..

Leave a Reply

Your email address will not be published. Required fields are marked *