快速和轻量级的网络应用防火墙指纹识别工具

项目地址

https://github.com/Lu1sDV/wafme0w

Wafme0w

快速且轻量级的 Web 应用程序防火墙指纹识别工具。

特征

基于 Wafw00f ,其特点是:

  • 可以检测 153 种 不同的防火墙
  • 并发指纹识别
  • 支持 标准输入
  • 庞大目标列表的快速检测模式
  • 支持多种输出格式(JSON、文件、标准输出)

入门

安装

wafme0w 需要 go >= 1.19 才能安装成功。 运行以下命令安装最新版本:

go install -v github.com/Lu1sDV/wafme0w/cmd/wafme0w@latest

运行 Wafme0w

要在目标上运行该工具,只需使用以下命令。

cat /tmp/alexa-top-30.txt | wafme0w --concurrency 30 --no-warning --no-generic

             /\_/\           ___
            = o_o =_______    \ \
             __^      __(  \.__) )
            <_____>__(_____)____/

                Wafme0w v1.0.0

Fast Web Application Firewall Fingerprinting tool

[~] https://microsoftonline.com no WAFs have been found
[~] https://reddit.com no WAFs have been found
[+] https://canva.com is behind Cloudflare (Cloudflare Inc.)
[~] https://whatsapp.com no WAFs have been found
[~] https://microsoft.com no WAFs have been found
[~] https://live.com no WAFs have been found
[~] https://163.com no WAFs have been found
[~] https://yandex.ru no WAFs have been found
[~] https://zhihu.com no WAFs have been found
[~] https://taobao.com no WAFs have been found
[~] https://wikipedia.org no WAFs have been found
[~] https://qq.com no WAFs have been found
[~] https://bilibili.com no WAFs have been found
[~] https://bing.com no WAFs have been found
[~] https://vk.com no WAFs have been found
[~] https://facebook.com no WAFs have been found
[~] https://twitch.tv no WAFs have been found
[~] https://google.com no WAFs have been found
[~] https://yahoo.com no WAFs have been found
[~] https://linkedin.com no WAFs have been found
[~] https://twitter.com no WAFs have been found
[~] https://office.com no WAFs have been found
[+] https://zoom.us is behind Cloudflare (Cloudflare Inc.)
[~] https://csdn.net no WAFs have been found
[~] https://github.com no WAFs have been found
[~] https://baidu.com no WAFs have been found
[~] https://netflix.com no WAFs have been found
[+] https://amazon.com is behind Cloudfront (Amazon)
[~] https://instagram.com no WAFs have been found
[~] https://youtube.com no WAFs have been found

|

Wafme0w Go 库

使用示例:

package main

import (
"bytes"
"fmt"
"github.com/Lu1sDV/wafme0w/pkg/wafme0w"
"os"
)

func main() {
    targets := []byte("https://google.com\nhttps://paypal.com\n")
    targetsReader := bytes.NewReader(targets)
    /*
    Otherwise you can also load your targets from a file
    targetsReader, err := os.Open("/tmp/alexa-top-20.txt")
    if err != nil {
        panic(err)
    }
    */
    fingerPrintsFile, err := os.Open("/PATH/TO/wafme0w/cmd/wafme0w/resources/waf-fingerprints.json")
    //fingerprints at https://github.com/Lu1sDV/wafme0w/blob/main/cmd/wafme0w/resources/waf-fingerprints.json
    opts := &wafme0w.Options{Inputs: targetsReader,
        FingerPrints: fingerPrintsFile,
        Silent:       true,
        Concurrency:  10,
        //FastMode:     true,
        //OutputFile: "myout.json",
    }
    runner := wafme0w.NewRunner(opts)
    result, err := runner.Scan()
    if err != nil {
        panic(err)
    }
    fmt.Printf("%#v\n", result)
}

 

请登录后发表评论

    没有回复内容