Home / Denial-of-Service Attack (DoS) / Bypass Web Application Firewall using WAFNinja

Bypass Web Application Firewall using WAFNinja

WAFNinja is a CLI python tool that helps penetration testers to bypass Web Application Firewall by automating steps necessary for bypassing input validation. WAFNinja supports HTTP connections, GET and POST requests and the use of Cookies in order to access pages restricted to authenticated users. It also supports intercepting proxy, so yes MITM for you.

Bypass Web Application Firewall using WAFNinja - blackMORE Ops

The tool was created with the objective to be easily extendible, simple to use and usable in a team environment.

Supported web methods:

  • HTTP connections
  • GET requests
  • POST requests
  • Using Cookies (for pages behind auth)
  • Intercepting proxy

Using WAFNinja for WAF Bypass

wafninja.py [-h] [-v] {fuzz, bypass, insert-fuzz, insert-bypass, set-db} ...

More examples

fuzzing

python wafninja.py fuzz -u "http://www.target.com/index.php?id=FUZZ" 
-c "phpsessid=value" -t xss -o output.html

Bypass WAG

python wafninja.py bypass -u "http://www.target.com/index.php"  -p "Name=PAYLOAD&Submit=Submit"         
-c "phpsessid=value" -t xss -o output.html

Insert fuzz

python wafninja.py insert-fuzz -i select -e select -t sql

Video demo

Here a complete video of a workshop that will teach you how to attack an application secured by a WAF. The moderator  describes WAF bypassing techniques and offers a systematic and practical approach on how to bypass web application firewalls based on these techniques. This video introduces WAFNinja, a tool that helps to find multiple vulnerabilities in firewalls.

Complete slides can be found here.

Reference

Check Also

Hacking remote desktop protocol using rdpy - blackMORE Ops

Hacking remote desktop protocol using rdpy

RDPY is a Microsoft RDP Security Tool developed in pure Python with RDP Man in …

Create MITM Test Environment using Snifflab

Create MITM Test Environment using Snifflab

Snifflab is a technical test environment for capturing and decrypting WiFi data transmissions. Snifflab creates …

Use WordPress.com, Twitter, Facebook, or Google+ accounts to comment (anonymous comments allowed)

This site uses Akismet to reduce spam. Learn how your comment data is processed.