From 2656ea15a5e0b8005c2c2e71bf1edc0e3f0d13a3 Mon Sep 17 00:00:00 2001 From: Sandro Gauci Date: Wed, 29 Jan 2020 13:24:09 +0100 Subject: [PATCH] bumped version --- README.md | 352 ++++++++++++++++++++++---------------------- wafw00f/__init__.py | 2 +- 2 files changed, 181 insertions(+), 173 deletions(-) diff --git a/README.md b/README.md index 0de18082..c656ab5b 100644 --- a/README.md +++ b/README.md @@ -46,166 +46,177 @@ WAFW00F can detect a number of firewalls, a list of which is as below: ``` $ wafw00f -l - - ______ - / \ - ( W00f! ) - \ ____/ - ,, __ 404 Hack Not Found - |`-.__ / / __ __ - /" _/ /_/ \ \ / / - *===* / \ \_/ / 405 Not Allowed - / )__// \ / - /| / /---` 403 Forbidden - \\/` \ | / _ \ - `\ /_\\_ 502 Bad Gateway / / \ \ 500 Internal Error - `_____``-` /_/ \_\ - - ~ WAFW00F : v2.0.0 ~ - The Web Application Firewall Fingerprinting Toolkit + ______ + / \ + ( Woof! ) + \ ____/ ) + ,, ) (_ + .-. - _______ ( |__| + ()``; |==|_______) .)|__| + / (' /|\ ( |__| + ( / ) / | \ . |__| + \(_)_)) / | \ |__| + ~ WAFW00F : v2.1.0 ~ + The Web Application Firewall Fingerprinting Toolkit + [+] Can test for these WAFs: - WAF Name Manufacturer - -------- ------------ + WAF Name Manufacturer + -------- ------------ - ACE XML Gateway Cisco - aeSecure aeSecure - AireeCDN Airee - Airlock Phion/Ergon - Alert Logic Alert Logic - AliYunDun Alibaba Cloud Computing - Anquanbao Anquanbao - AnYu AnYu Technologies - Approach Approach - AppWall Radware - Armor Defense Armor - ArvanCloud ArvanCloud - ASP.NET Generic Microsoft - ASPA Firewall ASPA Engineering Co. - Astra Czar Securities - AzionCDN AzionCDN - Azure Front Door Microsoft - Barikode Ethic Ninja - Barracuda Barracuda Networks - Bekchy Faydata Technologies Inc. - Beluga CDN Beluga - BinarySec BinarySec - BitNinja BitNinja - BlockDoS BlockDoS - Bluedon Bluedon IST - CacheWall Varnish - CacheFly CDN CacheFly - Comodo cWatch Comodo CyberSecurity - Chuang Yu Shield Yunaq - Cloudbric Penta Security - Cloudflare Cloudflare Inc. - Cloudfloor Cloudfloor DNS - Cloudfront Amazon - CrawlProtect Jean-Denis Brun - DataPower IBM - DenyALL Rohde & Schwarz CyberSecurity - Distil Distil Networks - DOSarrest DOSarrest Internet Security - DotDefender Applicure Technologies - Edgecast Verizon Digital Media - Eisoo Cloud Firewall Eisoo - Expression Engine EllisLab - BIG-IP AppSec Manager F5 Networks - BIG-IP AP Manager F5 Networks - Fastly Fastly CDN - FirePass F5 Networks - FortiWeb Fortinet - Greywizard Grey Wizard - Huawei Cloud Firewall Huawei - HyperGuard Art of Defense - Imunify360 CloudLinux - Incapsula Imperva Inc. - IndusGuard Indusface - Instart DX Instart Logic - ISA Server Microsoft - Jiasule Jiasule - Kona SiteDefender Akamai - KS-WAF KnownSec - KeyCDN KeyCDN - LimeLight CDN LimeLight - LiteSpeed LiteSpeed Technologies - Open-Resty Lua Nginx FLOSS - Oracle Cloud Oracle - Malcare Inactiv - MaxCDN MaxCDN - ModSecurity SpiderLabs - NAXSI NBS Systems - Nemesida PentestIt - NevisProxy AdNovum - NetContinuum Barracuda Networks - NetScaler AppFirewall Citrix Systems - Newdefend NewDefend - NexusGuard Firewall NexusGuard - NinjaFirewall NinTechNet - NullDDoS Protection NullDDoS - NSFocus NSFocus Global Inc. - OnMessage Shield BlackBaud - PerimeterX PerimeterX - PentaWAF Global Network Services - pkSecurity IDS pkSec - PowerCDN PowerCDN - Profense ArmorLogic - Puhui Puhui - Qiniu Qiniu CDN - Reblaze Reblaze - RSFirewall RSJoomla! - Sabre Firewall Sabre - Safe3 Web Firewall Safe3 - Safedog SafeDog - Safeline Chaitin Tech. - SecKing SecKing - eEye SecureIIS BeyondTrust - SecuPress WP Security SecuPress - SecureSphere Imperva Inc. - Secure Entry United Security Providers - SEnginx Neusoft - ServerDefender VP Port80 Software - Shield Security One Dollar Plugin - Shadow Daemon Zecure - SiteGround SiteGround - SiteGuard Sakura Inc. - Sitelock TrueShield - SonicWall Dell - UTM Web Protection Sophos - Squarespace Squarespace - SquidProxy IDS SquidProxy - StackPath StackPath - Sucuri CloudProxy Sucuri Inc. - Teros Citrix Systems - Trafficshield F5 Networks - TransIP Web Firewall TransIP - URLScan Microsoft - UEWaf UCloud - Varnish OWASP - Viettel Cloudrity - VirusDie VirusDie LLC - Wallarm Wallarm Inc. - WatchGuard WatchGuard Technologies - WebARX WebARX Security Solutions - WebKnight AQTRONIX - WebLand WebLand - RayWAF WebRay Solutions - WebSEAL IBM - WebTotem WebTotem - West263 CDN West263CDN - Wordfence Defiant - WP Cerber Security Cerber Tech - WTS-WAF WTS - 360WangZhanBao 360 Technologies - XLabs Security WAF XLabs - Xuanwudun Xuanwudun - Yundun Yundun - Yunsuo Yunsuo - Yunjiasu Baidu Cloud Computing - YXLink YxLink Technologies - Zenedge Zenedge - ZScaler Accenture + ACE XML Gateway Cisco + aeSecure aeSecure + AireeCDN Airee + Airlock Phion/Ergon + Alert Logic Alert Logic + AliYunDun Alibaba Cloud Computing + Anquanbao Anquanbao + AnYu AnYu Technologies + Approach Approach + AppWall Radware + Armor Defense Armor + ArvanCloud ArvanCloud + ASP.NET Generic Microsoft + ASPA Firewall ASPA Engineering Co. + Astra Czar Securities + AWS Elastic Load Balancer Amazon + AzionCDN AzionCDN + Azure Front Door Microsoft + Barikode Ethic Ninja + Barracuda Barracuda Networks + Bekchy Faydata Technologies Inc. + Beluga CDN Beluga + BIG-IP Local Traffic Manager F5 Networks + BinarySec BinarySec + BitNinja BitNinja + BlockDoS BlockDoS + Bluedon Bluedon IST + BulletProof Security Pro AITpro Security + CacheWall Varnish + CacheFly CDN CacheFly + Comodo cWatch Comodo CyberSecurity + CdnNS Application Gateway CdnNs/WdidcNet + ChinaCache Load Balancer ChinaCache + Chuang Yu Shield Yunaq + Cloudbric Penta Security + Cloudflare Cloudflare Inc. + Cloudfloor Cloudfloor DNS + Cloudfront Amazon + CrawlProtect Jean-Denis Brun + DataPower IBM + DenyALL Rohde & Schwarz CyberSecurity + Distil Distil Networks + DOSarrest DOSarrest Internet Security + DotDefender Applicure Technologies + DynamicWeb Injection Check DynamicWeb + Edgecast Verizon Digital Media + Eisoo Cloud Firewall Eisoo + Expression Engine EllisLab + BIG-IP AppSec Manager F5 Networks + BIG-IP AP Manager F5 Networks + Fastly Fastly CDN + FirePass F5 Networks + FortiWeb Fortinet + GoDaddy Website Protection GoDaddy + Greywizard Grey Wizard + Huawei Cloud Firewall Huawei + HyperGuard Art of Defense + Imunify360 CloudLinux + Incapsula Imperva Inc. + IndusGuard Indusface + Instart DX Instart Logic + ISA Server Microsoft + Janusec Application Gateway Janusec + Jiasule Jiasule + Kona SiteDefender Akamai + KS-WAF KnownSec + KeyCDN KeyCDN + LimeLight CDN LimeLight + LiteSpeed LiteSpeed Technologies + Open-Resty Lua Nginx FLOSS + Oracle Cloud Oracle + Malcare Inactiv + MaxCDN MaxCDN + Mission Control Shield Mission Control + ModSecurity SpiderLabs + NAXSI NBS Systems + Nemesida PentestIt + NevisProxy AdNovum + NetContinuum Barracuda Networks + NetScaler AppFirewall Citrix Systems + Newdefend NewDefend + NexusGuard Firewall NexusGuard + NinjaFirewall NinTechNet + NullDDoS Protection NullDDoS + NSFocus NSFocus Global Inc. + OnMessage Shield BlackBaud + Palo Alto Next Gen Firewall Palo Alto Networks + PerimeterX PerimeterX + PentaWAF Global Network Services + pkSecurity IDS pkSec + PT Application Firewall Positive Technologies + PowerCDN PowerCDN + Profense ArmorLogic + Puhui Puhui + Qiniu Qiniu CDN + Reblaze Reblaze + RSFirewall RSJoomla! + RequestValidationMode Microsoft + Sabre Firewall Sabre + Safe3 Web Firewall Safe3 + Safedog SafeDog + Safeline Chaitin Tech. + SecKing SecKing + eEye SecureIIS BeyondTrust + SecuPress WP Security SecuPress + SecureSphere Imperva Inc. + Secure Entry United Security Providers + SEnginx Neusoft + ServerDefender VP Port80 Software + Shield Security One Dollar Plugin + Shadow Daemon Zecure + SiteGround SiteGround + SiteGuard Sakura Inc. + Sitelock TrueShield + SonicWall Dell + UTM Web Protection Sophos + Squarespace Squarespace + SquidProxy IDS SquidProxy + StackPath StackPath + Sucuri CloudProxy Sucuri Inc. + Tencent Cloud Firewall Tencent Technologies + Teros Citrix Systems + Trafficshield F5 Networks + TransIP Web Firewall TransIP + URLMaster SecurityCheck iFinity/DotNetNuke + URLScan Microsoft + UEWaf UCloud + Varnish OWASP + Viettel Cloudrity + VirusDie VirusDie LLC + Wallarm Wallarm Inc. + WatchGuard WatchGuard Technologies + WebARX WebARX Security Solutions + WebKnight AQTRONIX + WebLand WebLand + RayWAF WebRay Solutions + WebSEAL IBM + WebTotem WebTotem + West263 CDN West263CDN + Wordfence Defiant + WP Cerber Security Cerber Tech + WTS-WAF WTS + 360WangZhanBao 360 Technologies + XLabs Security WAF XLabs + Xuanwudun Xuanwudun + Yundun Yundun + Yunsuo Yunsuo + Yunjiasu Baidu Cloud Computing + YXLink YxLink Technologies + Zenedge Zenedge + ZScaler Accenture + e3Learning Firewall ``` ## How do I use it? @@ -215,24 +226,21 @@ First, install the tools as described [here](#how-do-i-install-it). For help you can make use of the `--help` option. The basic usage is to pass an URL as an argument. Example: ``` -$ wafw00f https://example.org +$ wafw00f https://example.org - ______ - / \ - ( W00f! ) - \ ____/ - ,, __ 404 Hack Not Found - |`-.__ / / __ __ - /" _/ /_/ \ \ / / - *===* / \ \_/ / 405 Not Allowed - / )__// \ / - /| / /---` 403 Forbidden - \\/` \ | / _ \ - `\ /_\\_ 502 Bad Gateway / / \ \ 500 Internal Error - `_____``-` /_/ \_\ + ______ + / \ + ( Woof! ) + \ ____/ ) + ,, ) (_ + .-. - _______ ( |__| + ()``; |==|_______) .)|__| + / (' /|\ ( |__| + ( / ) / | \ . |__| + \(_)_)) / | \ |__| - ~ WAFW00F : v2.0.0 ~ - The Web Application Firewall Fingerprinting Toolkit + ~ WAFW00F : v2.1.0 ~ + The Web Application Firewall Fingerprinting Toolkit [*] Checking https://example.org [+] The site https://example.org is behind Edgecast (Verizon Digital Media) WAF. diff --git a/wafw00f/__init__.py b/wafw00f/__init__.py index dd559961..13cab78f 100644 --- a/wafw00f/__init__.py +++ b/wafw00f/__init__.py @@ -1,4 +1,4 @@ #!/usr/bin/env python -__version__ = '2.0.0' +__version__ = '2.1.0' __license__ = 'BSD 3-Clause'