
Blind WAF identification tool

Project description


identYwaf is an identification tool that can recognize the type of web protection in place (i.e. WAF) based on blind inference. Blind inference is done by inspecting the responses provoked by a set of predefined offensive (non-destructive) payloads, which are used only to trigger the web protection system in between (e.g. http://<host>?aeD0oowi=1 AND 2>1). It currently supports more than 80 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), and the knowledge base is constantly growing.


For more information, see the slides for the talk “Blind WAF identification” held at Sh3llCON 2019 (Santander / Spain).
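Seen from the protected site's side, the probe shown in the description above is recognisable in access logs. The following is an added example, not part of identYwaf or its documentation: it flags requests in which a parameter the application does not use carries a boolean comparison such as 1 AND 2>1. KNOWN_PARAMS, both regular expressions and the log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Parameters the application really accepts (assumption: fill in from your routes).
KNOWN_PARAMS = {"id", "page", "q"}

# Client address, request target and status from a common/combined-format log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Boolean comparison joined with AND/OR, generalised from the "1 AND 2>1" example.
BOOLEAN_RE = re.compile(r"\b(?:AND|OR)\s+\d+\s*(?:[<>]|=|!=|<>)\s*\d+", re.I)


def find_probes(lines):
    """Return {client_ip: [(param, decoded_value, status), ...]} for suspect requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log entry
        query = urlsplit(m["target"]).query
        # parse_qsl percent-decodes names and values, so %20AND%20 becomes " AND ".
        for name, value in parse_qsl(query, keep_blank_values=True):
            # Both conditions must hold: a parameter the application never reads,
            # carrying a payload that only a protection layer would react to.
            if name not in KNOWN_PARAMS and BOOLEAN_RE.search(value):
                hits[m["ip"]].append((name, value, int(m["status"])))
    return dict(hits)


SAMPLE_LOG = [  # constructed entries, not real traffic
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /?page=2 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /?aeD0oowi=1%20AND%202%3E1 HTTP/1.1" 403 199',
    '192.0.2.10 - - [01/Jan/2024:10:00:03 +0000] "GET /?ref=salt+and+pepper HTTP/1.1" 200 734',
]

if __name__ == "__main__":
    for ip, probes in find_probes(SAMPLE_LOG).items():
        print(ip, probes)
```

A boolean payload on a parameter that is in KNOWN_PARAMS is deliberately left to ordinary injection alerting; this check isolates requests aimed at the protection layer rather than at the application.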

Installation

You can use pip to install and/or upgrade identYwaf to the latest (PyPI) version with:

pip install --upgrade identYwaf

Alternatively, you can download the latest tarball by clicking here or the latest zipball by clicking here.

identYwaf works out of the box with Python versions 2.6, 2.7 and 3.x on any platform.

Usage

To get a list of basic options and switches use:

identYwaf -h

Files for identYwaf, version 1.0.127

Filename, size: identYwaf-1.0.127.tar.gz (21.5 kB)
File type: Source
Python version: None
