Web Application Firewall:-
Web Application Firewall is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally , these rules cover common arracks such as Cross-site Scripting and SQL Injection. While proxies generally protect clients ,WAFs protect servers . A WAF is deployed to protect a specific web application or set of web application . A WAF can be considered a reverse proxy. WAFs may came in the form of an appliance , server plugin or filter and may be customized to an application. The effort to perform this customization can be significant and needs to be maintained as the application is modified.
Fingerprinting:-
Fingerprinting is the method used to gather information about the target as much possible. The most common method for the pentesters is to fingerprint the target web presence.With this fingerprinting the pentester may develop an accurate attack scennario , which will find an vvulnerablity futher according to ethical hacking.
Web Application Firewall Detection Tools:-
1.http-waf-detect:-
There are tools that help you detect if the website your are looking at has any form of IPS or IDS , its not 100% accurate , but it can identify Apache ModSecurity , Barracuda Web Application Firewall ,PHPIDS , dotDefender ,Imperva Web Firewall And Blue Coat SG 400.This script is use in nmap tool .
#nmap -p80 --script=http-waf-detect <host>
Telnet is a tool mostly used by network administrators. Telnet allows you to connect remote computer on any port as mentioned. Many of the web application firewall leave HTTP parameters in response headers with the help of telnet you can find basic fingerprinting information like sever , cookies which can be in fingerprinting.
#telnet <host> <port>
3.wafw00f:-
wafw00f is the most well know tool to detect the web application firewall . wafw00f sends the http request which identifies the web application firewall.
For More Information:-https://github.com/EnableSecurity/wafw00f.git
No comments:
Post a Comment