Web Application Firewall (WAF) Fingerprinting using Wafw00f

In this tutorial, I’m going to demonstrate the Wafw00f tool for fingerprinting a Web Application Firewall (WAF).

Before moving ahead, I strongly suggest you check out my previous post about Web Application Firewalls (WAF) by following the link below.

Link: https://saraswatirepository.com/waf/what-is-web-application-firewall-waf-its-implementations-how-to-detect-fingerprint-waf/

What is Wafw00f & how does it work?

Wafw00f is a Web Application Firewall (WAF) fingerprinting tool used by penetration testers as a part of reconnaissance.

To detect & fingerprint a WAF, it does the following:

  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
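
The first and third checks above, sketched as an added example (not wafw00f's code and not part of the original tutorial). It works only on already-captured responses; the Response class, the function names and the small marker table are assumptions for illustration, not wafw00f's signature set.

```python
from dataclasses import dataclass, field

@dataclass
class Response:
    """One captured HTTP response: status, headers, names of cookies set."""
    status: int
    headers: dict = field(default_factory=dict)
    cookies: tuple = ()

    def header(self, name):
        # Header names are case-insensitive; values are compared lowercased.
        return {k.lower(): v.lower() for k, v in self.headers.items()}.get(name)

# Illustrative markers only (assumption: not wafw00f's plugin set).
# (vendor, header name, substring of header value, cookie-name prefix)
SIGNATURES = [
    ("Cloudflare", "cf-ray", "", None),
    ("Cloudflare", "server", "cloudflare", None),
    ("Sucuri", "x-sucuri-id", "", None),
    ("Imperva Incapsula", None, None, "visid_incap_"),
    ("F5 BIG-IP", None, None, "BIGipServer"),
]

def passive_match(resp):
    """Step 1: vendors whose markers show up in a normal response."""
    found = set()
    for vendor, hname, hvalue, prefix in SIGNATURES:
        value = resp.header(hname) if hname else None
        if value is not None and hvalue in value:
            found.add(vendor)
        if prefix and any(c.startswith(prefix) for c in resp.cookies):
            found.add(vendor)
    return sorted(found)

def generic_detect(normal, flagged):
    """Step 3: how the reply to a flagged request differs from the normal one."""
    reasons = []
    if normal.status != flagged.status:
        reasons.append(f"status {normal.status} -> {flagged.status}")
    if normal.header("server") != flagged.header("server"):
        reasons.append("Server header changed")
    return reasons

def fingerprint(normal, flagged):
    vendors = passive_match(normal)
    if vendors:
        return vendors
    return ["generic WAF or filter"] if generic_detect(normal, flagged) else []

if __name__ == "__main__":
    # Constructed sample responses, not captured from any real site.
    plain = Response(200, {"Server": "nginx"})
    blocked = Response(403, {"Server": "nginx"})
    print(fingerprint(Response(200, {"Server": "cloudflare", "CF-RAY": "x"}), blocked))
    print(fingerprint(plain, blocked), fingerprint(plain, plain))
```

Site owners can use the same comparison on their own responses to see which markers their WAF exposes to this kind of fingerprinting.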

How to install & use wafw00f?

In order to use this tool, you need to have Git & Python installed on your system. In my case, I’ll be demonstrating on Ubuntu Linux.

Follow the steps below to install & use Wafw00f (WAF fingerprinting tool):

1. Installing Git & Python

iamvsm@SaraswatiRepository:~$ sudo apt-get install git && sudo apt-get install python3

2. Cloning wafw00f from the Git repository

iamvsm@SaraswatiRepository:~$ git clone https://github.com/EnableSecurity/wafw00f.git

Cloning into 'wafw00f'...
remote: Enumerating objects: 244, done.
remote: Counting objects: 100% (244/244), done.
remote: Compressing objects: 100% (221/221), done.
remote: Total 4170 (delta 192), reused 35 (delta 23), pack-reused 3926
Receiving objects: 100% (4170/4170), 643.37 KiB | 855.00 KiB/s, done.
Resolving deltas: 100% (3019/3019), done.

3. Navigate to the wafw00f folder & give the setup.py file execute permission

iamvsm@SaraswatiRepository:~$ cd wafw00f

iamvsm@SaraswatiRepository:~/wafw00f$ sudo chmod +x setup.py

4. Installing wafw00f

iamvsm@SaraswatiRepository:~/wafw00f$ sudo python3 setup.py install

After successful installation of wafw00f, we’ll now verify the tool by fingerprinting my website https://saraswatirepository.com

5. Fingerprinting the WAF of my website https://saraswatirepository.com

iamvsm@SaraswatiRepository:~$ wafw00f saraswatirepository.com

This is how you can fingerprint the WAF of any website as a part of reconnaissance.

Note: If the website is not using a WAF, then it will show that no WAF is used.

Let us take an example of a website with no WAF.

iamvsm@SaraswatiRepository:~$ wafw00f google.com

As you can see, google.com is not using a WAF. But they might be using another security mechanism to protect it from malicious users.

This is how you can detect & fingerprint a WAF using the wafw00f tool.