waf_detection.py
import requests
from pyfiglet import Figlet
from colorama import init, Fore
import os
from os import system
from time import sleep
# Initialise colorama so the ANSI colour codes behind Fore.* are also handled on Windows consoles.
init()
def clear_screen():
    """Clear the terminal with the platform's own command ("cls" on Windows, "clear" elsewhere)."""
    # Both command strings are fixed literals; no user input reaches the shell here.
    command = "cls" if os.name == "nt" else "clear"
    system(command)
def print_banner():
    """Print the tool name as blue ASCII art rendered in the 'slant' Figlet font."""
    banner_text = Figlet(font='slant').renderText('Waf Detection')
    print(Fore.BLUE + banner_text + Fore.RESET)
# These two calls sit at module level, outside the __main__ guard further down,
# so the screen is cleared and the banner printed on import as well as on direct execution.
clear_screen()
print_banner()
# WAF signature table.
#
# Each entry maps a product name to up to three kinds of indicator:
#   'Server'           - substrings looked for (case-insensitively) in the Server header
#   'Headers'          - response header names whose mere presence counts as a match
#   'Other Indicators' - substrings looked for (case-insensitively) in the response body
#
# These are heuristics, not proof. Any single hit attributes the response to that
# product, so generic indicators produce false positives: '403 Forbidden' and
# 'captcha' can appear in the body of pages that sit behind no WAF at all.
waf_signatures = {
    'Cloudflare': {
        'Server': ['cloudflare'],
        # Generic body strings - see the false-positive note above.
        'Other Indicators': ['captcha', '403 Forbidden'],
    },
    'Akamai': {
        'Server': ['AkamaiGHost'],
        'Headers': ['X-Akamai-Session-ID'],
    },
    'AWS WAF': {
        'Server': ['AWS'],
        # NOTE(review): X-Amz-Cf-Id is emitted by CloudFront, so a hit points at the
        # CDN in front of the site rather than at AWS WAF specifically - confirm.
        'Headers': ['X-Amz-Cf-Id'],
    },
    'Incapsula': {
        'Server': ['Incapsula'],
        # Only the header's presence is tested, not its value.
        # NOTE(review): other CDNs may send an X-CDN header too - confirm.
        'Headers': ['X-CDN'],
    },
    'Sucuri': {
        'Headers': ['X-Sucuri-ID'],
    },
    'ModSecurity': {
        'Headers': ['Mod_Security', 'ModSecurity'],
        # Generic body strings - see the false-positive note above.
        'Other Indicators': ['security alert', '403 Forbidden'],
    },
    'F5 BIG-IP': {
        'Server': ['BigIP', 'F5 Networks'],
        'Headers': ['X-WAF-Status'],
    },
    'DDoS-GUARD': {
        'Server': ['DDoS-GUARD'],
    },
}
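# Detection function
def detect_waf(url):
    """Fetch *url* once and report which known WAF signatures the response matches.

    The response is compared against every entry in ``waf_signatures``:
    substrings of the ``Server`` header, presence of product-specific header
    names, and substrings of the response body. The result is printed in
    colour; nothing is returned.

    Limits worth knowing when reading the output:

    * ``requests`` follows redirects by default, so the headers and body
      inspected belong to the final response, which may come from a different
      host than the one entered.
    * Only one ordinary GET is sent. "no WAF detected" means no signature
      matched this response; it is not evidence that no WAF is deployed.
    * Body indicators such as '403 Forbidden' or 'captcha' are generic, so a
      match can be a false positive.

    Args:
        url: Full URL of the site to check, including the http/https scheme.
    """
    try:
        # A timeout is required: without one requests can wait indefinitely on
        # a host that accepts the connection but never answers. Timeout errors
        # are RequestException subclasses and land in the handler below.
        response = requests.get(url, timeout=10)
        headers = response.headers
        # Lower-case the haystacks once rather than once per signature.
        server_value = headers.get('Server', '').lower()
        body_text = response.text.lower()
    except requests.exceptions.RequestException as e:
        print(Fore.RED + f"An error occurred during the request: {e}" + Fore.RESET)
        return

    detected_waf = []
    # Check the response against each WAF signature.
    for waf_name, waf_criteria in waf_signatures.items():
        # Server header: case-insensitive substring match.
        server_hit = any(
            signature.lower() in server_value
            for signature in waf_criteria.get('Server', [])
        )
        # Product-specific headers: presence only (requests header lookup is
        # case-insensitive).
        header_hit = any(
            header in headers for header in waf_criteria.get('Headers', [])
        )
        # Other indicators: case-insensitive substring match in the body.
        body_hit = any(
            indicator.lower() in body_text
            for indicator in waf_criteria.get('Other Indicators', [])
        )
        # Record each product once, in table order, so the printed list is
        # deterministic instead of depending on set iteration order.
        if server_hit or header_hit or body_hit:
            detected_waf.append(waf_name)

    # Report the result.
    if detected_waf:
        print(Fore.GREEN + f"{url} waf detected: {', '.join(detected_waf)}" + Fore.RESET)
    else:
        print(Fore.YELLOW + f"{url} no WAF detected at the address." + Fore.RESET)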
# Ask the user for the URL to check and run the detection on it.
if __name__ == "__main__":
    prompt = "Please enter the website URL you want to search (including http/https): "
    target_url = input(Fore.WHITE + prompt + Fore.RESET)
    detect_waf(target_url)