XhaniのB10gWAF_difference
搜索

WAF_difference

发表于2024-05-16|更新于2024-10-30
|浏览量:

WAF:web应用防火墙

1.作用(简单的)

2.WAF识别思路:

1.0xInfection/Awesome-WAF: 🔥 Web-application firewalls (WAFs) from security standpoint. (github.com)

2.CSecGroup/wafid: Wafid identify and fingerprint Web Application Firewall (WAF) products. (github.com)

3.如何触发waf拦截:

1.工具:kali:wafw00f
1
wafw00f https://pinpai.smzdm.com/
1
nmap www.12306.cn --script=http-waf-detect.nse

必须是动态地址:

1
sqlmap -u "xxx.com?id=1" --identify-waf
文章作者: Xhani
文章链接: https://darlingxhani.github.io/2024/05/16/WAF_difference/
版权声明: 本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来源 XhaniのB10g!
web
cover of previous post
上一篇
Google_hacking
cover of next post
下一篇
CDN_difference
相关推荐
cover
2024-05-15
CMS_judgement
cover
2024-05-16
CDN_difference
cover
2024-05-14
namp的使用
cover
2024-05-10
ip信息收集
cover
2023-11-17
域名信息收集
cover
2024-05-10
端口信息
avatar
Xhani
文章
18
标签
5
分类
0
Follow Me
公告
This is my Blog for Reverse Engineering. if you have any questions, please contact me with foxdown4321@gmail.com.
目录
  1. 1. WAF:web应用防火墙
    1. 1.0.1. 1.作用(简单的)
    2. 1.0.2. 2.WAF识别思路:
    3. 1.0.3. 3.如何触发waf拦截:
      1. 1.0.3.0.1. 1.工具:kali:wafw00f
最新文章
VMP_virtual_ISA
VMP_virtual_ISA2025-09-15
main函数回溯
main函数回溯2025-09-06
常见汇编2
常见汇编22025-09-06
远程线程注入
远程线程注入2024-11-01
IAT_hook
IAT_hook2024-10-31
©2019 - 2025 By Xhani
框架 Hexo|主题 Butterfly
搜索
数据加载中