
File http-waf-fingerprint

Script types: portrule
Categories: discovery, intrusive
Download: http://nmap.org/svn/scripts/http-waf-fingerprint.nse

User Summary

Tries to detect the presence of a web application firewall and its type and version.

This works by sending a number of requests and looking in the responses for known behavior and fingerprints such as the Server header, cookies and header values. Intensive mode works by sending additional WAF-specific requests to detect certain behavior.

Credit to wafw00f and w3af for some fingerprints.

Script Arguments

http-waf-fingerprint.root

The base path. Defaults to /.

http-waf-fingerprint.intensive

If set, adds WAF-specific scans, which take more time. Off by default.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap --script=http-waf-fingerprint <targets>
nmap --script=http-waf-fingerprint --script-args http-waf-fingerprint.intensive=1 <targets>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-waf-fingerprint:
|   Detected WAF
|_    BinarySec version 3.2.2
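
An added example, not code from the NSE script or the Nmap project: the response-matching step described in the User Summary, run offline over constructed responses, reporting which headers and cookies identify the WAF so an operator can see what their own front end exposes. The `ExampleWAF` signature, its header and cookie names, and the sample responses are made up for illustration.

```python
import re

# Constructed signature: "ExampleWAF" and its header/cookie names are
# hypothetical, not fingerprints taken from http-waf-fingerprint.nse.
SIGNATURES = [{
    "name": "ExampleWAF",
    "server": re.compile(r"ExampleWAF(?:/([\d.]+))?", re.I),  # optional version
    "headers": ["x-examplewaf-via", "x-examplewaf-nocache"],
    "cookies": re.compile(r"^examplewaf_", re.I),
}]


def cookie_names(set_cookie_values):
    """Extract cookie names from raw Set-Cookie header values."""
    return [v.split("=", 1)[0].strip() for v in set_cookie_values if "=" in v]


def fingerprint(responses):
    """Return {waf_name: {"version": str or None, "evidence": [str, ...]}}."""
    found = {}
    for resp in responses:
        headers = {k.lower(): v for k, v in resp.get("headers", {}).items()}
        cookies = cookie_names(resp.get("set_cookie", []))
        for sig in SIGNATURES:
            evidence, version = [], None
            m = sig["server"].search(headers.get("server", ""))
            if m:
                version = m.group(1)
                evidence.append("header:server")
            evidence += ["header:" + h for h in sig["headers"] if h in headers]
            evidence += ["cookie:" + c for c in cookies if sig["cookies"].search(c)]
            if evidence:
                hit = found.setdefault(sig["name"], {"version": None, "evidence": []})
                hit["version"] = hit["version"] or version
                hit["evidence"] += [e for e in evidence if e not in hit["evidence"]]
    return found


# Constructed sample responses (not captured from a real host).
SAMPLE = [
    {"headers": {"Server": "nginx", "X-ExampleWAF-Via": "edge-1"}, "set_cookie": []},
    {"headers": {"Server": "ExampleWAF/1.4.2"},
     "set_cookie": ["examplewaf_sid=abc123; Path=/; HttpOnly"]},
]
# The same front end after the identifying header and cookie name are removed.
HARDENED = [{"headers": {"Server": "nginx"}, "set_cookie": ["sid=abc123; Path=/"]}]

if __name__ == "__main__":
    print(fingerprint(SAMPLE), fingerprint(HARDENED))
```

Each evidence entry names a header or cookie to rename or strip at the proxy; this only covers the passive markers, not the behavioral checks that intensive mode adds.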

Requires


Author: Hani Benhabiles

License: Same as Nmap--See http://nmap.org/book/man-legal.html
