0x01 identYwaf链接获取
一种识别工具,可以基于盲目推理识别Web保护类型(即WAF)。盲推理是通过检查由一组预定义的攻击性(非破坏性)有效载荷引起的响应来完成的,其中这些有效载荷仅用于触发介于两者之间的Web保护系统(例如),目前,它支持80多种不同的保护产品。
用法:
$ python identYwaf.py__ ______ ___ ___ ____ ______ | T T __ __ ____ _____l j| \ / _]| \ | T| | || T__T T / T| __|| T | \ / [_ | _ Yl_j l_j| ~ || | | |Y o || l_| | | D YY _]| | | | | |___ || | | || || _|j l | || [_ | | | | | | ! \ / | | || ]|____jl_____jl_____jl__j__j l__j l____/ \_/\_/ l__j__jl__j (1.0.XX)Usage: python identYwaf.py [options] <host|url>Options:--version Show program's version number and exit-h, --help Show this help message and exit--delay=DELAY Delay (sec) between tests (default: 0)--timeout=TIMEOUT Response timeout (sec) (default: 10)--proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")--proxy-file=PRO.. Load (rotating) HTTP(s) proxy list from a file--random-agent Use random HTTP User-Agent header value--code=CODE Expected HTTP code in rejected responses--string=STRING Expected string in rejected responses--post Use POST body for sending payloads
公众号后台回复“identYwaf”获取
往期回顾:
文章来源: http://mp.weixin.qq.com/s?__biz=Mzg2NDM2MTE5Mw==&mid=2247495667&idx=1&sn=5d402765f1918eb835d6c574434a11b4&chksm=ce682075f91fa96349d23c34bee1f50bb1d7d6d8c96a8e2bb4bff8480150916a52cf61a3f956#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh