Web--WAF检测工具

最新推荐文章于 2025-09-09 15:25:06 发布

原创最新推荐文章于 2025-09-09 15:25:06 发布 · 7.2k 阅读

5 ·

CC 4.0 BY-SA版权

kaliTools 专栏收录该内容

16 篇文章

订阅专栏

本文介绍了使用Nmap和wafw00f工具进行Web应用防火墙(WAF)的检测与识别方法。通过Nmap的http-waf-detect脚本，可初步检测目标网站是否部署了WAF。更详细的WAF指纹识别则可通过wafw00f工具完成，它能识别众多品牌的WAF，如ModSecurity、CloudFlare等。

部署运行你感兴趣的模型镜像

WAF

waf是一个web应用的保护装置,入侵检测系统IDS,入侵阻止系统IPS.

nmap

nmap -p 80 --script http-waf-detect.nse www.baidu.com
Nmap scan report for www.baidu.com (61.135.169.125)
Host is up (0.0042s latency).
Other addresses for www.baidu.com (not scanned): 61.135.169.121

PORT   STATE SERVICE
80/tcp open  http
| http-waf-detect: IDS/IPS/WAF detected:
|_www.baidu.com:80/?p4yl04d3=<script>alert(document.cookie)</script>

更加准确的检查可使用--script=http-waf-fingerprint

Wafw00f

这款工具可以识别很多厂家的web防火墙

Options:
  -h, --help            show this help message and exit
  -v, --verbose         enable verbosity - multiple -v options increase
                        verbosity
  -a, --findall         Find all WAFs, do not stop testing on the first one
  -r, --disableredirect
                        Do not follow redirections given by 3xx responses
  -t TEST, --test=TEST  Test for one specific WAF
  -l, --list            List all WAFs that we are able to detect
  -p PROXY, --proxy=PROXY
                        Use an HTTP proxy to perform requests, example:
                        http://hostname:8080, socks5://hostname:1080
  -V, --version         Print out the version
  -H HEADERSFILE, --headersfile=HEADERSFILE
                        Pass custom headers, for example to overwrite the
                        default User-Agent string

-l 命令可以查看有那些防火墙品牌 -t 还可指定检查是否装置该品牌的防火墙装置 -a -v 将会检查所有

wafw00f -l

Can test for these WAFs:

InfoGuard Airlock
Anquanbao
Barracuda Application Firewall
Better WP Security
BinarySec
BlockDoS
ChinaCache-CDN
Cisco ACE XML Gateway
CloudFlare
Comodo WAF
DenyALL WAF
Applicure dotDefender
Edgecast / Verizon Digital media
F5 BIG-IP APM
F5 BIG-IP ASM
F5 BIG-IP LTM
F5 FirePass
F5 Trafficshield
FortiWeb
Art of Defence HyperGuard
IBM Web Application Security
IBM DataPower
Imperva SecureSphere
Incapsula WAF
Microsoft ISA Server
Mission Control Application Shield
Trustwave ModSecurity
ModSecurity (OWASP CRS)
Naxsi
NetContinuum
Citrix NetScaler
AdNovum nevisProxy
NSFocus
PowerCDN
Profense
Radware AppWall
Safedog
eEye Digital Security SecureIIS
Sucuri WAF
Teros WAF
Microsoft URLScan
USP Secure Entry Server
Wallarm
Aqtronix WebKnight
Juniper WebApp Secure
West263CDN
360WangZhanBao

wafw00f www.baidu.com

Checking http://www.baidu.com
The site http://www.baidu.com is behind a ModSecurity (OWASP CRS)
Number of requests: 13

指定检查

wafw00f www.baidu.com -t CloudFlare

Checking http://www.baidu.com
WAF CloudFlare was not detected on http://www.baidu.com

您可能感兴趣的与本文相关的镜像

GPT-SoVITS

AI应用

GPT-SoVITS 是一个开源的文本到语音（TTS）和语音转换模型，它结合了 GPT 的生成能力和 SoVITS 的语音转换技术。该项目以其强大的声音克隆能力而闻名，仅需少量语音样本（如5秒）即可实现高质量的即时语音合成，也可通过更长的音频（如1分钟）进行微调以获得更逼真的效果