identYwaf overview
identYwaf is a tool that identifies the type of web protection (i.e. the WAF) in front of a target by blind inference. Blind inference is done by inspecting the responses provoked by a set of predefined offensive (but non-destructive) payloads; the payloads exist only to trigger the web protection system sitting in between, and the shape of the resulting rejection is what gets matched. Currently it supports 95 different protection products (e.g. aeSecure, Airlock, CleanTalk, CrawlProtect, Imunify360, MalCare, ModSecurity, Palo Alto, SiteGuard, UrlScan, Wallarm, WatchGuard, Wordfence, etc.), and the knowledge base keeps growing.
List of identifiable WAFs
360
aeSecure
Airlock
Alert Logic
AliYunDun
Anquanbao
Approach
Armor Protection
Application Security Manager
Astra
AWS WAF
Barracuda
Bekchy
BitNinja
Bluedon
BulletProof Security Pro
CdnNsWAF
WP Cerber Security
Next Generation Firewall
Chuang Yu Shield
Cloudbric
CloudFlare
Comodo
CrawlProtect
Distil
dotDefender
DuEdge
ExpressionEngine
FortiWeb
GoDaddy Website Security
Greywizard
GTMC WAF
Imunify360
Incapsula
ISA Server
iThemes Security
Janusec Application Gateway
Jiasule
KS-WAF
Kona Site Defender
Kuipernet
MalCare
ModSecurity
NAXSI
NetScaler AppFirewall
Newdefend
Nexusguard
NinjaFirewall
onMessage Shield
OpenRASP
Palo Alto
PerimeterX
Profense
AppWall
Reblaze
ASP.NET RequestValidationMode
RSFirewall
Safe3
Safedog
SafeLine Next Gen WAF
Secure Entry Server
SecureIIS Web Server Security
SecuPress
Shield Security
SecureSphere
SiteGround
SiteGuard
TrueShield
Sniper
SonicWALL
UTM Web Protection
Squarespace
StackPath
Sucuri
Tencent Cloud|Waterproof Wall
Forefront Threat Management Gateway
Url Master SecurityCheck
UrlScan
Vercel
Varnish Firewall
Virusdie
Varnish Security Firewall
Wallarm
Wapples
WatchGuard
WebARX
WebKnight
WebLand
WebSEAL
WebTotem
Wordfence
WTS
Yundun
Yunsuo
Zenedge
Installation
You can download the latest zipball from the GitHub repository, but the preferred way to get identYwaf is to clone the Git repository:
git clone --depth 1 https://github.com/stamparm/identYwaf.git
identYwaf works out of the box with any Python version from 2.6.x to 3.x on any platform.
Usage
$ python identYwaf.py
(ASCII-art identYwaf banner, version 1.0.XX)
Usage: python identYwaf.py [options] <host|url>
Options:
  --version           Show program's version number and exit
  -h, --help          Show this help message and exit
  --delay=DELAY       Delay (sec) between tests (default: 0)
  --timeout=TIMEOUT   Response timeout (sec) (default: 10)
  --proxy=PROXY       HTTP proxy address (e.g. "http://127.0.0.1:8080")
  --proxy-file=PRO..  Load (rotating) HTTP(s) proxy list from a file
  --random-agent      Use random HTTP User-Agent header value
  --code=CODE         Expected HTTP code in rejected responses
  --string=STRING     Expected string in rejected responses
  --post              Use POST body for sending payloads
Note: although the payloads are non-destructive, they are built to trip protection rules, so every run shows up in the target's WAF logs and may get the scanning address rate-limited or blocked; --delay, --proxy/--proxy-file and --random-agent exist to soften that. When the target answers blocked requests with an unusual status code or a custom block page, pass --code or --string so the tool knows what a rejection looks like instead of inferring it from the baseline response.
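The following is an added example, not identYwaf's own code, showing the blind-inference approach described above (clean baseline request, offensive but non-destructive probes, signature matching on the rejection) together with the idea behind --code and --string. The probe list, the "ExampleShield" and "DemoSentinel" signatures, the hosts and the simulated WAF are all constructed for the demo; the network layer is faked so the script runs offline (swap make_target for a real HTTP client to use it live).

```python
"""Minimal blind-inference WAF fingerprinter, written as an added illustration of
the technique the page describes.  This is NOT identYwaf's own code: the probe
payloads, the signature knowledge base, the 'ExampleShield' product and the
hosts are all constructed for the demo, and the network layer is simulated so
the script runs offline."""
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import quote, unquote


@dataclass
class Response:
    status: int
    headers: Dict[str, str]
    body: str


Sender = Callable[[str], Response]

# Offensive but non-destructive probes: each only has to look malicious enough
# to trip a WAF rule; none of them changes server state.  (Constructed list.)
PAYLOADS: List[str] = [
    "../../etc/passwd",            # path traversal
    "<script>alert(1)</script>",   # reflected XSS
    "' OR 1=1 -- ",                # SQL injection
    "; cat /etc/passwd",           # OS command injection
]

# Hypothetical knowledge base: product name -> regex over the lower-cased
# "status / headers / body" of a rejected response.  Real tools keep hundreds.
SIGNATURES: Dict[str, str] = {
    "ExampleShield": r"x-shield-id:|blocked by exampleshield",
    "DemoSentinel": r"request rejected \(ref [0-9a-f]{8}\)",
}
UNKNOWN = "unknown (requests are blocked, but no signature matched)"


def _flatten(r: Response) -> str:
    head = "\n".join(f"{k.lower()}: {v}" for k, v in sorted(r.headers.items()))
    return f"{r.status}\n{head}\n{r.body}".lower()


def is_rejected(baseline: Response, probe: Response,
                expected_code: Optional[int] = None,
                expected_string: Optional[str] = None) -> bool:
    """Was this probe blocked?  Mirrors the idea behind identYwaf's --code and
    --string options: if the operator knows what a block looks like, use that;
    otherwise fall back to 'status differs from the clean baseline request'."""
    if expected_code is not None:
        return probe.status == expected_code
    if expected_string is not None:
        return expected_string.lower() in probe.body.lower()
    return probe.status != baseline.status


def fingerprint(send: Sender, base_url: str,
                expected_code: Optional[int] = None,
                expected_string: Optional[str] = None) -> Tuple[Optional[str], int]:
    """Return (guessed product or None, number of blocked probes)."""
    baseline = send(f"{base_url}?q=hello")          # clean request first
    rejected = []
    for payload in PAYLOADS:
        resp = send(f"{base_url}?q={quote(payload, safe='')}")
        if is_rejected(baseline, resp, expected_code, expected_string):
            rejected.append(resp)
    if not rejected:
        return None, 0
    # Blind inference: we never see the WAF itself, only the shape of its
    # rejections.  Vote over every blocked response so one odd page cannot
    # decide the outcome on its own.
    votes: Dict[str, int] = {}
    for resp in rejected:
        text = _flatten(resp)
        for name, pattern in SIGNATURES.items():
            if re.search(pattern, text, re.S):
                votes[name] = votes.get(name, 0) + 1
    if not votes:
        return UNKNOWN, len(rejected)
    return max(votes, key=votes.__getitem__), len(rejected)


# --- simulated targets (stand-ins for a real HTTP client; constructed) ---
_BLOCK_RULES = re.compile(r"\.\./|<script|\bor\s+1=1|;\s*cat\b", re.I)


def make_target(block_page: Optional[Response]) -> Sender:
    """Build a fake server.  With block_page=None it is unprotected; otherwise a
    WAF in front of it answers block_page for anything matching _BLOCK_RULES.
    Like a real WAF it inspects the URL-decoded request."""
    def send(url: str) -> Response:
        if block_page is not None and _BLOCK_RULES.search(unquote(url)):
            return block_page
        return Response(200, {"Content-Type": "text/html"}, "<p>ok</p>")
    return send


EXAMPLESHIELD = make_target(Response(403, {"X-Shield-Id": "a1b2c3"},
                                     "<h1>Blocked by ExampleShield</h1>"))
NO_WAF = make_target(None)

if __name__ == "__main__":
    for label, target in (("ExampleShield", EXAMPLESHIELD), ("no WAF", NO_WAF)):
        print(label, "->", fingerprint(target, "http://target.example/"))
```

Two design points carry over to the real tool: the baseline request is what makes "rejected" meaningful when no --code/--string is given, and matching is done on the whole rejection (status, headers and body) rather than on the body alone, because many products leak their identity only in a header.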
Usage screenshots
[screenshots omitted]
WAF screenshots
All of the WAFs shown in the following screenshots can be identified.
[screenshots omitted]
Project address
GitHub:
https://github.com/stamparm/identYwaf
Please credit the source and include a link when reposting.