Skip to content

Functionality

Jump to bottom
Ekultek edited this page May 14, 2018 · 8 revisions

WhatWaf available arguments and usage

usage: ./whatwaf.py -[u|l] VALUE|PATH -[p|-pl] PAYLOADS --[args]

optional arguments:
  -h, --help            show this help message and exit

mandatory arguments:
  arguments that have to be passed for the program to run

  -u URL, --url URL     Pass a single URL to detect the protection
  -l PATH, --list PATH, -f PATH, --file PATH
                        Pass a file containing URL's (one per line) to detect
                        the protection

request arguments:
  arguments that will control your requests

  --pa USER-AGENT       Provide your own personal agent to use it for the HTTP
                        requests
  --ra                  Use a random user-agent for the HTTP requests
  --proxy PROXY         Provide a proxy to run behind in the format
                        type://address:port (IE socks5://10.54.127.4:1080
  --tor                 Use Tor as the proxy to run behind, must have Tor
                        installed
  -p PAYLOADS, --payloads PAYLOADS
                        Provide your own payloads separated by a comma IE AND
                        1=1,AND 2=2
  --pl PAYLOAD-LIST-PATH
                        Provide a file containing a list of payloads 1 per
                        line
  --force-ssl           Force the assignment of HTTPS instead of HTTP while
                        processing

encoding options:
  arguments that control the encoding of payloads

  -e PAYLOAD TAMPER-SCRIPT-LOAD-PATH, --encode PAYLOAD TAMPER-SCRIPT-LOAD-PATH
                        Encode a provided payload using a provided tamper
                        script
  -el PATH TAMPER-SCRIPT-LOAD-PATH, --encode-list PATH TAMPER-SCRIPT-LOAD-PATH
                        Encode a file containing payloads (one per line) by
                        passing the path and load path

output options:
  arguments that control how WhatWaf handles output

  -F, --format          Format the output into a dict and display it
  -J, --json            Send the output to a JSON format
  -Y, --yaml            Send the output to a YAML file
  -C, --csv             Send the output to a CSV file
  --tamper-int INT      Control the amount of tampers that are displayed
                        (default is 5)

misc arguments:
  arguments that don't fit in any other category

  --verbose             Run in verbose mode (more output)
  --hide                Hide the banner during the run
  --update              Update WhatWaf to the newest development version
  --save FILENAME       Save the encoded payloads into a file
  --skip                Skip checking for bypasses and just identify the
                        firewall
  --verify-num INT      Change the default amount (5) to verify if there
                        really is not a WAF present

Argument descriptions

Optional arguments

These arguments aren't really important, but they're good to mention
  • -h/--help
    • Prints the help menu and exits. This will also be the default if no other flags are passed

Mandatory arguments

These arguments have to be passed in order for whatwaf to run
  • -u URL, --url URL
    • Pass a single URL to detect the protection
  • -l PATH, --list PATH, -f PATH, --file PATH
    • Pass a file containing URL's (one per line) to detect the protection

Request arguments

These arguments control your HTTP requests, along with your headers
  • --pa
    • Pass a personal User-Agent in the form of a string to replace the default User-Agent. It's up to you to make sure your User-Agent is in the right format or not
  • --ra
    • Passing this flag will grab a random User-Agent out of content/files/user_agents.txt, there are a total of 4,195 User-Agents available to be chosen from
  • --proxy
    • Pass a proxy to run behind. Whatwaf is compatible with most proxy types such as:
      • socks5
      • socks4
      • http
      • https
  • --tor
    • Pass this flag to use Tor as your proxy. Please be advised that this requires you to have Tor installed on your system and running. It will assume that Tor is on port 9050 and try to connect there as well.
  • -p/--payloads
    • Provide your own payloads for the detection requests. Payloads must be separated by a comma. IE -p="AND 1=1,OR 2=2". This way whatwaf will be able to determine the list by a common denominator.
  • --pl
    • Pass a textual file containing payloads (one per line) whatwaf will enumerate these payloads and use each one for detection requests. It is advised to run behind a proxy or use proxychains if you are going to use this method.
  • --force-ssl
    • Passing this flag will force the URL to run behind HTTPS instead of HTTP.

Encoding options:

Arguments that control the encoding of payloads
  • -e PAYLOAD TAMPER-SCRIPT-LOAD-PATH, --encode PAYLOAD TAMPER-SCRIPT-LOAD-PATH
    • Encode a provided payload using a provided tamper script
  • -el PATH TAMPER-SCRIPT-LOAD-PATH, --encode-list PATH TAMPER-SCRIPT-LOAD-PATH
    • Encode a file containing payloads (one per line) by passing the path and load path

Output options:

Arguments that control how WhatWaf handles output
  • -F, --format
    • Format the output into a dict and display it
  • -J, --json
    • Send the output to a JSON format
  • -Y, --yaml
    • Send the output to a YAML file
  • -C, --csv
    • Send the output to a CSV file

Misc arguments

Arguments that don't really fit into any other category
  • --verbose
    • Run in verbose mode (more output)
  • --hide
    • Hide the banner during the run
  • --update
    • Update WhatWaf to the newest development version
  • --save FILENAME
    • Save the encoded payloads into a file
  • --skip
    • Skip checking for bypasses and just identify the firewall
  • --verify-num INT
    • Change the default amount (5) to verify if there really is not a WAF present
Clone this wiki locally