The whatwaf library provides a simple yet powerful API for detecting web application firewalls (WAFs) through heuristic analysis. The library sends various probes to a target URL and analyzes responses to identify WAF signatures.

Installation

Add whatwaf to your Cargo.toml:
[dependencies]
whatwaf = "1.9.0"

Main exports

The library exposes the following key components:
  • scan_url - Primary function for scanning a URL and detecting WAFs
  • list_detectors - Returns a list of all available WAF detectors
  • ScanConfig - Configuration struct for customizing scan behavior
  • ProbeResult - Result type containing probe and detection information
  • ScanError - Error enum for handling scan failures
  • Detector - Trait for implementing custom WAF detectors

Basic usage

use whatwaf::{scan_url, ScanConfig};

fn main() -> Result<(), Box<dyn std::error::Error>> {
    let config = ScanConfig {
        timeout: 10,
        follow_redirects: true,
        proxy: None,
    };

    let result = scan_url("https://example.com", config, None)?;

    if let Some(probe_result) = result {
        if let Some(wafs) = probe_result.detected_wafs {
            println!("Detected WAFs: {:?}", wafs);
        } else {
            println!("No WAFs detected");
        }
    }

    Ok(())
}

API design philosophy

The whatwaf API is designed with the following principles:
  1. Simplicity - The core API requires just one function call to perform a complete scan
  2. Flexibility - Optional callback mechanism allows real-time processing of probe results
  3. Blocking I/O - Uses synchronous requests for predictable behavior in CLI and scripting contexts
  4. Error transparency - Detailed error types help identify network, proxy, or request issues
  5. Extensibility - The Detector trait allows custom WAF detectors to be registered via the inventory pattern
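
The signature analysis described in the introduction and the detector extensibility in item 5 can be pictured with the following added example, which is not whatwaf's own code. The `Response` struct, the `SignatureDetector` trait, both detectors and the sample response are hypothetical, and the header and body markers are assumptions about typical responses, not whatwaf's rules.

```rust
use std::collections::HashMap;

/// Constructed stand-in for an HTTP response (not a whatwaf type).
pub struct Response {
    pub status: u16,
    pub headers: HashMap<String, String>, // keys stored lowercase
    pub body: String,
}

/// Hypothetical detector interface; whatwaf's real `Detector` trait may differ.
pub trait SignatureDetector {
    fn name(&self) -> &'static str;
    fn matches(&self, resp: &Response) -> bool;
}

pub struct Cloudflare;
impl SignatureDetector for Cloudflare {
    fn name(&self) -> &'static str { "Cloudflare" }
    fn matches(&self, r: &Response) -> bool {
        // Assumed markers: a `cf-ray` header or `server: cloudflare`.
        r.headers.contains_key("cf-ray")
            || r.headers.get("server").map_or(false, |v| v.eq_ignore_ascii_case("cloudflare"))
    }
}

pub struct GenericBlockPage;
impl SignatureDetector for GenericBlockPage {
    fn name(&self) -> &'static str { "Generic block page" }
    fn matches(&self, r: &Response) -> bool {
        // Assumed heuristic: a 403/406 status whose body says the request was blocked.
        matches!(r.status, 403 | 406) && r.body.to_ascii_lowercase().contains("request blocked")
    }
}

/// Build a constructed response; header names are normalised to lowercase.
pub fn response(status: u16, headers: &[(&str, &str)], body: &str) -> Response {
    let headers = headers.iter().map(|(k, v)| (k.to_ascii_lowercase(), v.to_string())).collect();
    Response { status, headers, body: body.to_string() }
}

/// Run every detector and collect the names of those that matched.
pub fn detect(resp: &Response) -> Vec<&'static str> {
    let detectors: [&dyn SignatureDetector; 2] = [&Cloudflare, &GenericBlockPage];
    detectors.iter().filter(|d| d.matches(resp)).map(|d| d.name()).collect()
}
fn main() {
    let blocked = response(403, &[("Server", "cloudflare"), ("CF-RAY", "constructed-id")], "Request blocked");
    println!("{:?}", detect(&blocked));
}
```

Header names are lowercased before matching because HTTP header names are case-insensitive, so a detector keyed on exact case would miss responses from servers that capitalise differently.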

List available detectors

To see all WAF detectors included in the library:
use whatwaf::list_detectors;

fn main() {
    let detectors = list_detectors();
    println!("Available detectors: {:?}", detectors);
}

Next steps

  • scan_url function - Learn about the main scanning function and its parameters
  • Configuration - Explore ScanConfig options and ProbeResult structure
  • Error handling - Understand error types and how to handle them
