identYwaf is an identification software that may acknowledge net protection sort (i.e. WAF) based mostly on blind inference. Blind inference is being carried out by inspecting responses provoked by a set of predefined offensive (non-damaging) payloads, the place these are used solely to set off the online safety system in between (e.g.
http://<host>?aeD0oowi=1 AND 2>1). Currently it helps greater than 60 completely different safety merchandise (e.g.
Wordfence, and many others.), whereas the data-base is consistently rising.
Also, as a part of this undertaking, screenshots of attribute responses for various net safety techniques are being gathered (manually) for the long run reference.
You can obtain the most recent zipball by clicking here.
Preferably, you may obtain identYwaf by cloning the Git repository:
git clone --depth 1 https://github.com/stamparm/identYwaf.git
identYwaf works out of the field with Python model 2.6.x and 2.7.x on any platform.
$ python identYwaf.py __ __ ____ ___ ___ ____ ______ | T T __ __ ____ _____ l j| / _]| | T| | || T__T T / T| __| | T | / [_ | _ Yl_j l_j| ~ || | | |Y o || l_ | | | D YY _]| | | | | |___ || | | || || _| j l | || [_ | | | | | | ! / | | || ] |____jl_____jl_____jl__j__j l__j l____/ _/_/ l__j__jl__j (1.0.X) Usage: python identYwaf.py [options] <host|url> Options: --version Show program's model quantity and exit -h, --help Show this assist message and exit --delay=DELAY Delay (sec) between checks (default: 0) --timeout=TIMEOUT Response timeout (sec) (default: 10) --proxy=PROXY HTTP proxy deal with (e.g. "http://127.0.0.1:8080")