WhatWaf
Tool and Usage
Project details
- License
- Custom license
- Programming language
- Python
- Latest release
- 1.9
- Latest release date
Project health
Links
 | GitHub project |
Why this tool?
WhatWaf can be helpful during security assessments to learn if a web application is protected by a WAF. If so, the bypass and avoidance techniques may help to further test or exploit the related web application.
Usage and audience
WhatWaf is commonly used for WAF bypassing, application discovery, application fingerprinting, software identification, or web application analysis. Target users for this tool are pentesters and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + The source code of this software is available
Weaknesses
- - No releases on GitHub available
Installation
Supported operating systems
WhatWaf is known to work on Linux.
Dependencies
Several dependencies are required to use WhatWaf.
- BeautifulSoup4
- requests
WhatWaf alternatives
Similar tools to WhatWaf:
wafw00f
wafw00f is a security tool to perform fingerprinting on web applications and detect any web application firewall in use.
WAFPASS
WAFPASS is a security tool to perform a security scan of a web application firewall (WAF). It tries to bypass the security defenses, to evaluate its effectiveness.
XSStrike
XSStrike is tool for penetration testers and developers to test web applications. It scans a web application for any possible cross-site scripting weakness. With its own fuzzing engine, it might find rare issues. XSStrike can also discover the presence of a web application firewall (WAF).
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
Categories
This tool is categorized as a WAF detection tool, WAF security tool, application fingerprinting tool, and software identification tool.