Source: wafw00f
Section: misc
Priority: optional
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Uploaders: Samuel Henrique <samueloph@debian.org>,
           Daniel Echeverri <epsilon@debian.org>
Build-Depends: debhelper-compat (= 13),
               dh-python,
               python3-all,
               python3-pluginbase,
               python3-setuptools
Standards-Version: 4.7.0
Rules-Requires-Root: no
Testsuite: autopkgtest-pkg-python
Homepage: https://github.com/EnableSecurity/wafw00f
Vcs-Git: https://salsa.debian.org/pkg-security-team/wafw00f.git
Vcs-Browser: https://salsa.debian.org/pkg-security-team/wafw00f

Package: wafw00f
Architecture: all
Depends: ${misc:Depends},
         ${python3:Depends},
Description: identify and fingerprint Web Application Firewall products
 This package identifies and fingerprints Web Application Firewall (WAF)
 products using the following logic:
 .
  - Sends a _normal_ HTTP request and analyses the response; this identifies a
    number of WAF solutions.
  - If that is not successful, it sends a number of (potentially malicious)
    HTTP requests and uses simple logic to deduce which WAF it is.
  - If that is also not successful, it analyses the responses previously
    returned and uses another simple algorithm to guess if a WAF or security
    solution is actively responding to the attacks.