Determining WAF for a Site(HTTPS)

Hi all!
How can we determining if a site (HTTPS) has WAF?
I’m trying to use nmap but no use.
I’m aware of WAFWOOF and softwares like that but I’m not sure if that’s helpful and don’t wannt indulge in setting up the system.

thanks in advance!

4 Likes

What command are you using?

nmap –script=http-waf-fingerprint targetsite.com

There are other tools that you can use also if you wish. I’m not sure about WAFWOOF but in WHATWAF it’s:

./whatwaf -u targetsite.com

1 Like