Proxy support allows you to route all HTTP requests through an intermediate proxy server. This is useful for debugging with tools like Burp Suite, working behind corporate proxies, or analyzing traffic.
CLI usage
Use the -x or --proxy flag to specify a proxy URL:
whatwaf -x http://127.0.0.1:8080 https://example.com
whatwaf --proxy socks5://proxy.example.com:1080 https://target.com
Library usage
Set the proxy field in ScanConfig:
use whatwaf::{scan_url, ScanConfig};
let config = ScanConfig {
timeout: 10,
follow_redirects: false,
proxy: Some("http://127.0.0.1:8080".to_string()),
};
let result = scan_url("https://example.com", config, None)?;
Supported proxy protocols
whatwaf uses reqwest::Proxy::all() under the hood (lib.rs:90), which supports:
- HTTP -
http://proxy.example.com:8080
- HTTPS -
https://secure-proxy.example.com:8443
- SOCKS5 -
socks5://proxy.example.com:1080
All probe requests during the scan will be routed through the specified proxy.
Common use cases
Debugging with Burp Suite
Route traffic through Burp Suite to inspect requests and responses:
whatwaf -x http://127.0.0.1:8080 https://target.com
Make sure Burp Suite’s proxy listener is running on the specified port (default: 8080).
Corporate proxy with authentication
For proxies requiring authentication, include credentials in the URL:
let config = ScanConfig {
timeout: 10,
follow_redirects: false,
proxy: Some("http://user:[email protected]:3128".to_string()),
};
SOCKS5 proxy
Use SOCKS5 for enhanced privacy:
whatwaf -x socks5://127.0.0.1:9050 https://example.com
Error handling
Invalid proxy configurations return a ScanError::InvalidProxy error:
pub enum ScanError {
InvalidProxy {
proxy: String,
source: reqwest::Error,
},
// ...
}
invalid proxy 'http://invalid-host:8080': failed to lookup address information
Proxy errors occur during client initialization (lib.rs:90-94), before any requests are sent. Check your proxy configuration if you see InvalidProxy errors.
See also