Hacking, Hacking Tools, Vulnerability

Web Application Firewall Detection using Kali Linux- WAFW00F

Web Application Firewall

Web application attacks expanding day by day, Attacker wants to exploit flaws in your applications, Website administrator best way to detect attackers footprints in websites Web Application Firewall.

This will be detecting and blocking the specific patterns on the web applications. Pentester, well never exweb applications abilities on application rather he/she might be identifying the presence of Web Application Firewall.


  • WAFW00f is the inbuilt tool in Kali distribution or else you can install it manually.
  • It can detect around Top 22 web application firewall, so wafw00f is a phase of information gathering initially.

Limitations of WAFW00F

  • Above seen figure describes the list of web application firewall will be identified or detected by Wafw00f.

Also Read XSSer automated framework to detect, exploit and report XSS vulnerabilities

Presence of Web Application Firewall

  • Above shown figure shows pentester or attacker identified web application firewall presence.
  • Here blocking is being done at connection or packet level.

Identifying specific firewall

  • If an pentester knows how to bypass mod_security and if/she wants to know the presence of mod security.

  • So you can use wafw00f url -t Firewallname.
  • Above shown figure, Pentester has observed there is no ModSecurity in the web-application.

So it’s always good to Identify the barriers in web applications before you exploit.

Checking for XML-RPC

XML-RPC is a remote procedure call (RPC) protocol which utilizes XML to encode its calls and HTTP as a transport mechanism.

“XML-RPC” also refers generically to the use of XML for remote procedure call, separately of the specific protocol.

Also Read How to Do Penetration testing with your WordPress website detailed Explanation

Source : GBHackers

Previous ArticleNext Article
Send this to a friend