# WAF

A **Web Application Firewall (WAF)** protects web applications by filtering and monitoring HTTP/HTTPS traffic. It sits in front of the site, so the application is **behind a proxy** or **behind a web application firewall**, and it helps prevent attacks like SQL injection or XSS.

## Wafw00f

To detect if a website is protected by a WAF, tools like **wafw00f** are used. **Wafw00f** is a WAF fingerprinting tool that sends a normal HTTP request and analyzes the response to identify if a WAF is present. This helps determine whether a website or IP is behind a firewall and provides insight into the specific WAF solution in use.

```bash
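# Install from the distribution package repository
sudo apt-get install wafw00f
# or, install with pip
pip install wafw00f

# Basic usage: replace [DOMAIN] with the site to check
wafw00f [DOMAIN]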
```

This will send a normal HTTP request to the site, analyze the response, and tell you if a WAF is in place, and possibly what type of WAF is being used.
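The response-analysis step described above, as an added example that is not wafw00f's code or part of the original page: it parses a raw HTTP response and matches headers and cookies against a small illustrative set of publicly known vendor markers. The `SIGNATURES` table, the function names and the sample responses are constructed for illustration.

```python
import re
from email.parser import Parser

# Illustrative subset of publicly known markers (assumption: not wafw00f's rule set).
# Each rule is (lowercase header name, regex applied to that header's value).
SIGNATURES = {
    "Cloudflare": [("server", r"^cloudflare$"), ("cf-ray", r".+")],
    "Imperva Incapsula": [("x-iinfo", r".+"),
                          ("set-cookie", r"\b(visid_incap_|incap_ses_)")],
    "Sucuri": [("x-sucuri-id", r".+"), ("server", r"^Sucuri/Cloudproxy")],
    "Akamai": [("server", r"^AkamaiGHost")],
}

# Constructed sample responses (all values are placeholders, not captured traffic).
CLOUDFLARE = ("HTTP/1.1 200 OK\r\nServer: cloudflare\r\n"
              "CF-RAY: 0000000000000000-XXX\r\n\r\n<html></html>")
IMPERVA = ("HTTP/1.1 200 OK\r\nServer: nginx\r\n"
           "Set-Cookie: visid_incap_000000=constructed; path=/\r\n"
           "Set-Cookie: incap_ses_000_000000=constructed; path=/\r\n\r\n")
PLAIN = "HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\nok"

def parse_response(raw: str):
    """Return (status_code, headers); headers maps lowercase name -> list of values."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    status_line, _, header_block = head.partition("\n")
    status = int(status_line.split()[1])
    msg = Parser().parsestr(header_block, headersonly=True)
    headers = {}
    for name, value in msg.items():  # items() keeps repeated headers such as Set-Cookie
        headers.setdefault(name.lower(), []).append(value.strip())
    return status, headers

def fingerprint(raw: str):
    """Return the sorted vendor names whose markers appear in the response headers."""
    _, headers = parse_response(raw)
    hits = set()
    for vendor, rules in SIGNATURES.items():
        for name, pattern in rules:
            if any(re.search(pattern, v, re.I) for v in headers.get(name, [])):
                hits.add(vendor)
    return sorted(hits)

if __name__ == "__main__":
    for label, raw in [("cloudflare", CLOUDFLARE), ("imperva", IMPERVA), ("plain", PLAIN)]:
        print(label, fingerprint(raw) or "no known marker")
```

An empty result only means none of the listed markers was present; a WAF that strips or rewrites these headers produces the same output as no WAF at all.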

{% embed url="https://github.com/EnableSecurity/wafw00f" %}
