http-waf-fingerprint
脚本使用类型:
portrule
脚本所属分类:
discovery, intrusive
脚本下载地址: http://nmap.org/svn/scripts/http-waf-fingerprint.nse
Tries to detect the presence of a web application firewall and its type and version.
This works by sending a number of requests and looking in the responses for known behavior and fingerprints such as Server header, cookies and headers values. Intensive mode works by sending additional WAF specific requests to detect certain behaviour.
Credit to wafw00f and w3af for some fingerprints.
The base path. Defaults to /
.
If set, will add WAF specific scans, which takes more time. Off by default.
执行格式
nmap --script=http-waf-fingerprint <targets> nmap --script=http-waf-fingerprint --script-args http-waf-fingerprint.intensive=1 <targets>
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-waf-fingerprint: | Detected WAF |_ BinarySec version 3.2.2
Author: Hani Benhabiles
License: VER007 整理 http://www.ver007.com