Waffer is a Web Application Firewall (WAF) detection utility for passive and active WAF fingerprinting.
Warning: This project is for educational and defensive use only. Do not run active tests against systems you do not own or do not have explicit authorization to test.
Waffer performs passive WAF fingerprinting using the HTTP headers, cookies, status codes and response body patterns of known WAFs. Passive detection is performed with HEAD/GET requests.
An active detection method is planned to increase detection confidence; it will be disabled by default. (Work in progress.)
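A minimal sketch of passive matching with weighted scoring, added here as an example and not taken from Waffer's code: the rule table, weights, threshold and function name are assumptions, and the sample response is constructed. It scores an already-captured response offline, so no request is sent.

```python
import re

# Hypothetical rule table for this example: (source, name, regex, weight).
# The indicators themselves are widely documented vendor artifacts.
RULES = {
    "Cloudflare": [
        ("header", "server", r"^cloudflare$", 2),
        ("header", "cf-ray", r".+", 3),
        ("cookie", "__cf_bm", r".*", 2),
        ("body", "", r"Attention Required! \| Cloudflare", 3),
    ],
    "Imperva Incapsula": [
        ("header", "x-iinfo", r".+", 3),
        ("cookie", "visid_incap_", r".*", 3),
        ("cookie", "incap_ses_", r".*", 2),
        ("body", "", r"Incapsula incident ID", 3),
    ],
}
THRESHOLD = 4  # assumed cut-off: a single weak signal is not reported

# Constructed sample response headers (not captured from a real site).
SAMPLE = [("Server", "cloudflare"), ("CF-RAY", "0000000000000000-XXX"),
          ("Set-Cookie", "__cf_bm=constructed; path=/; HttpOnly")]


def fingerprint(headers, body=""):
    """Score (name, value) header pairs and a body; return [(vendor, score, hits)]."""
    hdrs = {n.lower(): v for n, v in headers if n.lower() != "set-cookie"}
    cookies = {}
    for n, v in headers:
        if n.lower() == "set-cookie":
            key, _, val = v.split(";", 1)[0].partition("=")
            cookies[key.strip()] = val.strip()
    results = []
    for vendor, signals in RULES.items():
        score, hits = 0, []
        for source, name, pattern, weight in signals:
            if source == "header":
                values = [hdrs[name]] if name in hdrs else []
            elif source == "cookie":  # cookie names are matched by prefix
                values = [v for k, v in cookies.items() if k.startswith(name)]
            else:
                values = [body]
            if any(re.search(pattern, v, re.I) for v in values):
                score += weight
                hits.append(f"{source}:{name or 'pattern'}")
        if score >= THRESHOLD:
            results.append((vendor, score, hits))
    return sorted(results, key=lambda r: -r[1])
```

Requiring several independent signals before reporting a vendor is one way to keep a lone `Server` header or a copied block-page string from producing a false positive.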
This project is intended for security professionals, developers and researchers.
Contributions are welcome!
Contributors will be displayed in a contributor list!
Suggested ways to help:
- Add more reliable fingerprints (headers/cookies/body/status) for additional WAF vendors.
- Improve scoring and reduce false positives.
- Add async support with httpx and asyncio for scanning many targets.
- Add unit tests and CI (GitHub Actions).

When contributing, please include tests for new fingerprints or behaviors.
This project is released under the MIT License.
Copyright (c) 2025
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
- Non-Authorized scanning.
Tool built by a hacker, helped by hackers, for hackers. Use responsibly!