WAF security tools

Tools

WAFPASS (web application firewall testing)

application testing, software testing, WAF bypassing

WAFPASS is a security tool to perform a security scan of a web application firewall (WAF). It tries to bypass the security defenses, to evaluate its effectiveness.

WhatWaf (WAF detection)

application discovery, application fingerprinting, software identification, WAF bypassing, web application analysis

WhatWaf can be helpful during security assessments to learn if a web application is protected by a WAF. If so, the bypass and avoidance techniques may help to further test or exploit the related web application.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.