1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Source: wafw00f
Section: misc
Priority: optional
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Uploaders: Samuel Henrique <samueloph@debian.org>,
Daniel Echeverri <epsilon@debian.org>
Build-Depends: debhelper-compat (= 13),
dh-python,
python3-all,
python3-pluginbase,
python3-setuptools
Standards-Version: 4.7.0
Rules-Requires-Root: no
Testsuite: autopkgtest-pkg-python
Homepage: https://github.com/EnableSecurity/wafw00f
Vcs-Git: https://salsa.debian.org/pkg-security-team/wafw00f.git
Vcs-Browser: https://salsa.debian.org/pkg-security-team/wafw00f
Package: wafw00f
Architecture: all
Depends: ${misc:Depends},
${python3:Depends},
Description: identify and fingerprint Web Application Firewall products
This package identifies and fingerprints Web Application Firewall (WAF)
products using the following logic:
.
- Sends a _normal_ HTTP request and analyses the response; this identifies a
number of WAF solutions.
- If that is not successful, it sends a number of (potentially malicious)
HTTP requests and uses simple logic to deduce which WAF it is.
- If that is also not successful, it analyses the responses previously
returned and uses another simple algorithm to guess if a WAF or security
solution is actively responding to the attacks.
|
