search

EnableSecurity / wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
https://www.enablesecurity.com/
BSD 3-Clause "New" or "Revised" License
5.17k stars 924 forks source link

Cannot check for NAXSI #193

Closed pieterhouwen closed 9 months ago

pieterhouwen commented 9 months ago

Describe the bug Naxsi not found as testable WAF

To Reproduce

wafw00f -t naxsi https://example.org
OR
wafw00f -t NAXSI https://example.org

Expected behavior wafw00f checks for NAXSI

Screenshots image

Desktop (please complete the following information):

Debug output Paste the output that you get when passing -vv to wafw00f. Example:

[*] Checking https://example.org
INFO:wafw00f:starting wafw00f on https://example.org
INFO:wafw00f:Request Succeeded
[-] WAF NAXSI was not found in our list
Use the --list option to see what is available

Additional context wafw00f --list shows NAXSI as available option

0xInfection commented 9 months ago

Hi,

You will need to fully mention the WAF name NAXSI (NBS Systems) via the -t argument.

wafw00f -t 'NAXSI (NBS Systems)' https://example.com