HOUDINI

Input name: wordlist_src_dir

Input name: output_dir

Input name: subdomain_file

Input name: wordlist_file

Input name: input_dir

Input name: target_url

Input name: apk_file

Input name: command

Input name: config_file

Input name: target_domain

Input name: local_dir

Input name: container_dir

Input name: apk_to_decompile

Input name: wordlist_container_dir

Input name: search_term

Input name: target

Input name: JWT

Input name: target_port

Input name: target_ip_address

Input name: domain_src_dir

Input name: domain_container_dir

Input name: domain_list_file

Input name: interface

Input name: container_name

Input name: target_ip

Input name: args

Input name: YOUR_REPO

Input name: filename

Input name: payload

.. /WAFW00F

Quick Usage

For this tool the run command is:

docker run -it --rm secsi/wafw00f

Categories

scannerwebapp

Description

To do its magic, WAFW00F does the following:

Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.

Official Documentation

Reference: https://github.com/EnableSecurity/wafw00f