Blind WAF identification tool
identYwaf is an identification tool that can recognize web protection type (i.e. WAF) based on blind inference. Blind inference is being done by inspecting responses provoked by a set of predefined offensive (non-destructive) payloads, where those are used only to trigger the web protection system in between (e.g. http://<host>?aeD0oowi=1 AND 2>1). Currently it supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), while the knowledge-base is constantly growing.
For more information you can check slides for a talk “Blind WAF identification” held at Sh3llCON 2019 (Santander / Spain).
You can use pip to install and/or upgrade the identYwaf to latest (PyPI) version with:
pip install --upgrade identYwaf
identYwaf works out of the box with Python version 2.6, 2.7 and 3.x on any platform.
To get a list of basic options and switches use:
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size identYwaf-1.0.127.tar.gz (21.5 kB)||File type Source||Python version None||Upload date||Hashes View hashes|