waf distinguish

​

Web Application protection system （ Also known as ： Website application level intrusion prevention system . english ：Web Application Firewall, abbreviation ： WAF）. Use an internationally accepted saying ：Web The application firewall is designed by performing a series of actions against HTTP/HTTPS The security policy for Web An application that provides protection

WAF Difference from network firewall

Network firewall as access control device , The main work is OSI Model three 、 four layers , be based on IP Message detection . Just limit the port , Yes TCP The agreement is blocked . Its product design does not need to be understood HTTP conversation , It also determines that you can't understand Web Application languages such as HTML、SQL Language . therefore , It's impossible HTTP Communication for input verification or attack rule analysis . in the light of Web Malicious attacks on websites Most of them will be encapsulated as HTTP request , from 80 or 443 The port successfully passed the firewall detection .

waf species

• Hardware equipment （ Green League 、 Venus 、 Anheng 、 Know Chuangyu 、 Tianrongxin, etc ）
• Software products （ Safe dog 、 Cloud lock 、D Shield, etc ）
• Cloud based WAF（ Alibaba cloud 、 Anheng 、 Know Chuangyu ）

waf distinguish

• wafwoof—https://github.com/EnableSecurity/wafw00f

• see X-Powered-By: WAF Parameters

Tool use

 The target site ：https://www.safedog.cn/

 Under folder `python main.py https://www.safedog.cn/

Know that the site uses waf after , It can be judged that the manufacturer is trying to bypass , And know that the site exists waf after , Pay attention when using scanning tools , Easy to ban ip