Source: wafw00f Section: misc Priority: optional Maintainer: Debian Security Tools Uploaders: Samuel Henrique , Daniel Echeverry Build-Depends: debhelper-compat (= 13), dh-python, python3-all, python3-pluginbase, python3-setuptools Standards-Version: 4.7.0 Rules-Requires-Root: no Testsuite: autopkgtest-pkg-python Homepage: https://github.com/EnableSecurity/wafw00f Vcs-Git: https://salsa.debian.org/pkg-security-team/wafw00f.git Vcs-Browser: https://salsa.debian.org/pkg-security-team/wafw00f Package: wafw00f Architecture: all Depends: ${misc:Depends}, ${python3:Depends}, Description: identify and fingerprint Web Application Firewall products This package identifies and fingerprints Web Application Firewall (WAF) products using the following logic: . - Sends a _normal_ HTTP request and analyses the response; this identifies a number of WAF solutions. - If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. - If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to the attacks.