Working with WhatWaf Tool on Kali Linux OS

Example 1: Scanning Target domain

whatweb -u https://hack-yourself-first.com/Make/5?orderby=supercarid

In this example, we have selected the target domain and tried to bypass the firewalls and protecting systems.

The tool has detected the type of firewall which is been used by the target domain server.

After bypassing we have loaded the tamper payloads on target for getting the information.

WhatWaf is a cyber-security tool with an automated approach built to detect the firewall and protection details on the target domain server. This tool can help the tester to understand the security system used by the target server and can prepare the attack plan through these details. WhatWaf tool is developed in the Python language and can detect more than 50 firewall protection on the target server. So in this article, we will be installing the tool from the GitHub platform and also going through the actual usage of the tool for better understanding.

Note: Before installing the tool make sure you have Python installed on your system, as WhatWaf is a python-based tool. Click to get the installation process of Python on Linux: Python Installation Steps on Linux