Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
992Proxy

Locked WhatWaf v1.5 Detect & bypass web application firewalls and protection systems

itsMe

By MASTERitsMe
in Pentesting

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

WhatWaf is an advanced firewall detection tool whose goal is to give you the idea of “There’s a WAF?”. WhatWaf works by detecting a firewall on a web application and attempting to detect a bypass (or two) for said firewall, on the specified target.

Features

  •     Ability to run on a single URL with the -u/--url flag
  •     Ability to run through a list of URL’s with the -l/--list flag
  •     Ability to detect over 40 different firewalls
  •     Ability to try over 20 different tampering techniques
  •     Ability to pass your own payloads either from a file, from the terminal, or use the default payloads
  •     Default payloads that are guaranteed to produce at least one WAF triggering
  •     Ability to bypass firewalls using both SQLi techniques and cross-site scripting techniques
  •     Ability to run behind multiple proxy types (socks4, socks5, http, https, and Tor)
  •     Ability to use a random user agent, personal user agent, or custom default user agent
  •     Auto-assign protocol to HTTP or ability to force protocol to HTTPS
  •     A built-in encoder so you can encode your payloads into the discovered bypasses
  •     More to come…


This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.