Skip to content

Releases: EnableSecurity/wafw00f

WAFW00F v2.2 Release!

17 Jul 05:15
@0xInfection 0xInfection
v2.2.0
da9b7f4
Compare
Choose a tag to compare
WAFW00F v2.2 Release! Latest
Latest

This release brings the following features to the repository:

  • New features like docker support and output format fixes.
  • Several new bug fixes and stability to the existing code.
  • Few new WAF detections.
Assets 2
Loading

WAFW00F v2.1.0

29 Jan 12:25
@sandrogauci sandrogauci
v2.1.0
2656ea1
Compare
Choose a tag to compare
WAFW00F v2.1.0

This update brings input and output file features to WafW00f! So now we have:

  • Input from JSON, CSV and TXT files to specify which URLs to scan by making use of the -i flag
  • Output to JSON, CSV, TXT files by making use of the -o flag
  • Clean standard output when passing -o - as a flag to wafw00f
  • New WAF detections included
Assets 2
Loading

WAFW00F v2.0 - Emporium

13 Dec 16:49
@0xInfection 0xInfection
v2.0.0
59e1302
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
WAFW00F v2.0 - Emporium

Here are some of the highlights from this release:

  • Entire code infrastructure of WAFW00F refactored and engine rewritten.
  • WAFW00F can now detect 150+ WAFs (largest detection database till now).
  • Every WAF plugin now has multiple methods for fingerprinting & detection.
  • Improvement to the generic WAF detection modules.
  • Major changes and improvements in the existing fingerprints.
  • Fantastic newer ASCII art with beautiful ANSI colors.
Assets 2
Loading

detect all the WAFs!

01 May 05:45
@sandrogauci sandrogauci
v1.0.0
917c757
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
detect all the WAFs!

Detect all the WAFs!

  • version bumped to 1.0.0 after 10 years that this tool has been available
  • number of WAFs being detected bumped to 112 thanks to @0xInfection
  • many WAF plugins now have multiple methods of detection
  • fixed a number of reported issues and bugs identified during testing and analysis
  • general improvement of attack methods
  • removed some old checks that were not accurate
  • new ASCII art with amazing ANSI colors

This update was possible thanks to @0xInfection 's new WAF detections, polishing of existent ones, fixes of a number of bugs and the ASCII art of course!

Assets 2
Loading

Fifty WAFs

20 Feb 08:17
@sandrogauci sandrogauci
v0.9.6
dce0d06
Compare
Choose a tag to compare
Fifty WAFs

Changes:

  • added detection of AWS LB/WAF
  • added detection of DOSarrest
  • added XLabs Security WAF upon their insistance
  • Fixed some text
  • pylinting

Thanks to everyone who contributed!

Assets 2
Loading

Number of WAFs detected is 47, fixes installation issues

14 Jun 13:23
@sandrogauci sandrogauci
v0.9.5
b71807f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Number of WAFs detected is 47, fixes installation issues Pre-release
Pre-release

Many thanks too all the contributors!

Assets 2
Loading

36 WAF detections, proxy support and moaar! (pre-release, please test)

15 Mar 19:44
@sandrogauci sandrogauci
v0.9.4
bbe6cd7
Compare
Choose a tag to compare
36 WAF detections, proxy support and moaar! (pre-release, please test) Pre-release
Pre-release

This is a pre-release for testing purposes, bleeding edge etc. Please provide feedback by filing issues and pull requests.

What's new?

  • wafw00f can now be installed using setuptools and pip as a system tool
  • you may now include or override headers by passing the --headersfile or -H option
  • socks and http proxy support thanks to Louis-Philippe Huberdeau
  • now detecting the following 36 WAFs (!!) thanks to many contributions from akun, Matt Foster, Brendan Coles and Denis Kolegov:
    • Profense
    • NetContinuum
    • Anquanbao
    • ChinaCache-CDN
    • Incapsula WAF
    • PowerCDN
    • CloudFlare
    • NSFocus
    • Safedog
    • West263CDN
    • 360WangZhanBao
    • Mission Control Application Shield
    • USP Secure Entry Server
    • Cisco ACE XML Gateway
    • Barracuda Application Firewall
    • Art of Defence HyperGuard
    • BinarySec
    • Teros WAF
    • F5 BIG-IP LTM
    • F5 BIG-IP APM
    • F5 BIG-IP ASM
    • F5 FirePass
    • F5 Trafficshield
    • InfoGuard Airlock
    • Citrix NetScaler
    • Trustwave ModSecurity
    • IBM Web Application Security
    • IBM DataPower
    • DenyALL WAF
    • Applicure dotDefender
    • Juniper WebApp Secure
    • Microsoft URLScan
    • Aqtronix WebKnight
    • eEye Digital Security SecureIIS
    • Imperva SecureSphere
    • Microsoft ISA Server
  • Code cleanups, refactoring, optimizations and so on are included in this release
Assets 2
Loading

new fingerprints and python3 support

15 May 10:07
@sandrogauci sandrogauci
v0.9.1
f5e7b83
Compare
Choose a tag to compare
new fingerprints and python3 support Pre-release
Pre-release

This release updates wafw00f to detect more Web application firewalls, thanks to contributions from various people in the CREDITS.txt. With added support for python3!

This is a prerelease for testing purposes, bleeding edge etc. Please provide feedback by filing issues, pull requests and email.

Whats new with this release?

  • first (official) release ever!
  • python3 support for the kids who download the latest and greatest
  • detection for Cloud Flare (backported from nmap waf fingerprint nse)
  • detection for Secure Entry Server (backported from nmap waf fingerprint nse)
  • detection for Cisco’s ACE XML Gateway (backported from nmap waf fingerprint nse)
  • updated barracuda (thanks to Charlie Campbell)
  • added Incapsula check (thanks to Charlie Campbell)
  • detection for IBM DataPower (thanks to Mathieu Dessus)
  • and much more juice! (see changelogs here and there)
Assets 2
Loading