Monday, 8 January 2018

Firewall Detection in Penetration Tests

Today I will write about firewall detection in penetration testing.

What Is a Firewall?

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.[2]
Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls filter traffic between two or more networks and run on network hardware. Host-based firewalls run on host computers and control network traffic in and out of those machines. (Wikipedia)


WAFW00F identifies and fingerprints Web Application Firewall (WAF) products.

How does it work?

To do its magic, WAFW00F does the following:
  • Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions
  • If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is
  • If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks
For further details, check out the source code on the main site.
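The first of the three stages listed above (a normal request whose response headers are matched against known signatures) is shown below as an added example; it is not WAFW00F's own code, the signature list is a simplified illustration, and the sample responses are constructed, not captured from a real host.

```python
# Added example (not WAFW00F's code): passive matching of a normal HTTP
# response against known WAF signatures, i.e. stage one of the process above.
import re

# Each signature is (header name, regex on its value). Header names are
# compared case-insensitively. The list is illustrative; a real tool carries
# many more entries and also looks at status codes and body content.
SIGNATURES = {
    "Cloudflare": [
        ("server", r"cloudflare"),
        ("cf-ray", r".+"),
    ],
    "Incapsula": [
        ("x-iinfo", r".+"),
        ("x-cdn", r"incapsula"),
        ("set-cookie", r"(incap_ses_|visid_incap_)"),
    ],
    "ModSecurity": [
        ("server", r"mod_security|modsecurity"),
    ],
}

def normalize(headers):
    """Lower-case header names and join repeated headers (e.g. Set-Cookie)."""
    out = {}
    for name, value in headers:
        out.setdefault(name.lower(), []).append(value)
    return {k: "; ".join(v) for k, v in out.items()}

def identify_waf(headers):
    """Return (product, matched header) for the first signature that matches,
    or (None, None) when the normal response gives nothing away."""
    h = normalize(headers)
    for product, sigs in SIGNATURES.items():
        for name, pattern in sigs:
            if name in h and re.search(pattern, h[name], re.I):
                return product, name
    return None, None

# Constructed sample responses (not captured from a real host).
CLOUDFLARE_RESPONSE = [
    ("Date", "Mon, 08 Jan 2018 10:00:00 GMT"),
    ("Server", "cloudflare"),
    ("CF-RAY", "0000000000000000-EXAMPLE"),
]
PLAIN_RESPONSE = [("Server", "nginx/1.12.2"), ("Content-Type", "text/html")]

if __name__ == "__main__":
    print(identify_waf(CLOUDFLARE_RESPONSE))  # ('Cloudflare', 'server')
    print(identify_waf(PLAIN_RESPONSE))       # (None, None)
```

A (None, None) result is exactly the case where WAFW00F moves on to its second and third stages; for a site you operate, the same check shows which headers reveal your WAF product to anyone who asks.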

Install and Usage

We fetch the tool from the GitHub repo


git clone

OK, the directory is cloned.


1- cd wafw00f
2- ls
3- chmod +x
4- python install

The required packages are installed.

First Scan



It made 15 requests but could not detect a firewall.



Found CloudFlare IDS

Similar tools


This is a simple package for Web Application Firewall Detection. It supports CloudFlare, Incapsula, ModSecurity, and Shieldfy out of the box.

git clone

Install Composer

For Arch Linux: pacman -S composer

For Debian: apt-get install composer


composer require shieldfy/waf-detector

We will bypass many firewall systems, including CloudFlare, in my next article.

