
Command syntax

The basic command syntax for whatwaf is:
whatwaf [OPTIONS] <URL>
The URL argument is required for scanning. To list available detectors, use the --list flag without providing a URL.

Simple scanning example

To check whether a target is fronted by a WAF, provide its URL:
whatwaf https://example.com
This will:
  1. Send a series of detection probes to the target URL: an unmodified baseline request, then requests carrying payloads that WAFs commonly block
  2. Compare each HTTP response against the WAF signatures in the detector database
  3. Report any WAFs that were identified

Understanding the output

whatwaf provides real-time output as it runs detection probes:
* scanning https://example.com
* base probe -> https://example.com
	- no detection (status=200)
* sqli probe -> https://example.com?id=1' OR '1'='1
	+ waf=(cloudflare) status=403
~ detected waf: Cloudflare

Output format explained

  • * scanning <URL> - the scan has started against this target
  • * <probe> probe -> <URL> - the probe being executed and the exact URL it requests, payload included
  • - no detection (status=<code>) - indented under its probe: the response did not match any WAF signature; <code> is the HTTP status that came back
  • + waf=(<name>) status=<code> - indented under its probe: the response matched the signature of the named WAF
  • ~ detected waf: <name> - final result, printed once all probes have run
  • ~ no waf detected - no signature matched on any probe
The status code on a no-detection line is still worth reading: a payload probe that returns 403 where the base probe returned 200 was blocked by something, even if no known signature identified it.

Probe results

Each probe tests for different WAF signatures:
  • base probe - Tests the original URL without modifications
  • sqli probe - Tests SQL injection patterns that WAFs commonly block
  • xss probe - Tests cross-site scripting patterns
  • path traversal probe - Tests directory traversal patterns
  • And more depending on the detector database
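The probe-and-compare loop described above, as an added Python example. This is illustration code written for this page, not whatwaf's implementation, and whatwaf's detector database is not reproduced: the payloads, the fingerprint table (two widely known ones, the Cloudflare Server/CF-RAY headers and the Akamai AkamaiGHost Server header), and the canned HTTP responses standing in for a live target are all this example's own assumptions. It sends a clean baseline request, then each payload as an id query parameter, and compares the responses:

```python
"""Signature-based WAF detection, in the style of whatwaf's probes.

Added illustration, not whatwaf's code.  Payloads, fingerprints and the
canned responses in fake_fetch() are all assumptions made for this demo.
"""
from urllib.parse import quote

# Probe payloads.  None means "request the original URL unmodified" (the
# base probe that every other probe is compared against).
PROBES = {
    "base": None,
    "sqli": "1' OR '1'='1",
    "xss": "<script>alert(1)</script>",
    "path traversal": "../../../../etc/passwd",
}

# Illustrative fingerprints: (header name, substring that must appear in
# its value; "" means the header merely has to be present).  Header names
# are matched case-insensitively.  These are well-known headers, but the
# table is this example's own, not whatwaf's detector database.
SIGNATURES = {
    "cloudflare": [("server", "cloudflare"), ("cf-ray", "")],
    "akamai": [("server", "akamaighost")],
}

# Status codes that usually mean "request refused by a filter".
BLOCK_STATUSES = {403, 406, 429, 501, 503}


def build_probe_url(url, payload):
    """Return url with the payload attached as a URL-encoded id parameter."""
    if payload is None:
        return url
    sep = "&" if "?" in url else "?"
    return f"{url}{sep}id={quote(payload, safe='')}"


def match_signatures(headers):
    """Names of every WAF whose fingerprint appears in the response headers."""
    lowered = {k.lower(): v.lower() for k, v in headers.items()}
    matched = []
    for waf, rules in SIGNATURES.items():
        for header, needle in rules:
            value = lowered.get(header)
            if value is not None and needle in value:
                matched.append(waf)
                break
    return matched


def run_scan(url, fetch):
    """Run every probe against url.

    fetch(probe_url) must return (status_code, headers_dict).  Returns
    (results, detected): results is a list of
    (probe_name, probe_url, status, matched_wafs); detected lists WAF
    names in the order first seen.  A probe whose status moves from the
    base probe's into BLOCK_STATUSES without any known fingerprint is
    reported as "unknown": something filtered it, we just cannot name it.
    """
    results, detected = [], []
    base_status = None
    for name, payload in PROBES.items():
        probe_url = build_probe_url(url, payload)
        status, headers = fetch(probe_url)
        wafs = match_signatures(headers)
        if name == "base":
            base_status = status
        elif not wafs and status != base_status and status in BLOCK_STATUSES:
            wafs = ["unknown"]
        for waf in wafs:
            if waf not in detected:
                detected.append(waf)
        results.append((name, probe_url, status, wafs))
    return results, detected


def fake_fetch(probe_url):
    """Constructed stand-in for an HTTP client (no network): a site that
    serves the clean page directly but answers any probe carrying an id
    parameter with a Cloudflare 403 block page."""
    if "id=" in probe_url:
        return 403, {"Server": "cloudflare", "CF-RAY": "0000000000000000-XXX"}
    return 200, {"Server": "nginx"}


if __name__ == "__main__":
    results, detected = run_scan("https://example.com", fake_fetch)
    for name, probe_url, status, wafs in results:
        print(f"{name:15} status={status} waf={wafs or '-'} {probe_url}")
    print("detected:", detected or "none")
```

Swapping fake_fetch for a real client (for instance a wrapper around urllib.request that returns the status and headers) turns this into a working, if minimal, scanner; the baseline request is what makes a 403 on a payload probe meaningful, since a target that returns 403 for everything tells you nothing about filtering.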

Detection output

When a WAF is detected, whatwaf shows:
~ detected waf: Cloudflare
If multiple WAFs are detected:
~ detected wafs (2):
	- cloudflare
	- akamai
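A parser for the output format described in the previous sections (the probe lines, the indented detection lines, and the single- and multi-WAF summaries), as an added Python example that is not part of whatwaf. The first transcript is the one shown on this page; the second is constructed for the multi-WAF case. It is the kind of wrapper you need when whatwaf runs inside a pipeline that wants structured results rather than console text:

```python
"""Parse whatwaf console output into structured records.

Added example, not part of whatwaf.  SAMPLE is the transcript shown on
the documentation page; MULTI_SAMPLE is constructed to exercise the
multi-WAF summary.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

PROBE_RE = re.compile(r"^\* (?P<probe>.+?) probe -> (?P<url>\S.*)$")
MISS_RE = re.compile(r"^\s*- no detection \(status=(?P<status>\d+)\)$")
HIT_RE = re.compile(r"^\s*\+ waf=\((?P<waf>[^)]*)\) status=(?P<status>\d+)$")
SINGLE_RE = re.compile(r"^~ detected waf: (?P<waf>.+)$")
MULTI_RE = re.compile(r"^~ detected wafs \((?P<n>\d+)\):$")
NONE_RE = re.compile(r"^~ no waf detected$")


@dataclass
class ProbeResult:
    probe: str
    url: str
    status: Optional[int] = None
    waf: Optional[str] = None  # None when the probe line was "no detection"


@dataclass
class ScanResult:
    target: Optional[str] = None
    probes: List[ProbeResult] = field(default_factory=list)
    detected: List[str] = field(default_factory=list)
    unparsed: List[str] = field(default_factory=list)  # lines we did not recognise


def parse_whatwaf(text):
    """Turn a whatwaf transcript into a ScanResult."""
    result = ScanResult()
    current = None      # the ProbeResult the next indented line belongs to
    in_multi = False    # inside a "~ detected wafs (N):" list
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if line.startswith("* scanning "):
            result.target = line[len("* scanning "):].strip()
            continue
        m = PROBE_RE.match(line)
        if m:
            current = ProbeResult(m["probe"], m["url"])
            result.probes.append(current)
            continue
        m = MISS_RE.match(line)
        if m and current is not None:
            current.status = int(m["status"])
            continue
        m = HIT_RE.match(line)
        if m and current is not None:
            current.status = int(m["status"])
            current.waf = m["waf"]
            continue
        m = SINGLE_RE.match(line)
        if m:
            result.detected = [m["waf"].strip()]
            continue
        if MULTI_RE.match(line):
            in_multi = True
            result.detected = []
            continue
        if NONE_RE.match(line):
            result.detected = []
            continue
        if in_multi and line.lstrip().startswith("- "):
            result.detected.append(line.lstrip()[2:].strip())
            continue
        result.unparsed.append(line)
    return result


def blocked_probes(result):
    """Names of the probes that triggered a WAF signature."""
    return [p.probe for p in result.probes if p.waf is not None]


# Transcript as shown on the documentation page.
SAMPLE = """\
* scanning https://example.com
* base probe -> https://example.com
\t- no detection (status=200)
* sqli probe -> https://example.com?id=1' OR '1'='1
\t+ waf=(cloudflare) status=403
~ detected waf: Cloudflare
"""

# Constructed transcript exercising the multi-WAF summary.
MULTI_SAMPLE = """\
* scanning https://example.org
* base probe -> https://example.org
\t- no detection (status=200)
* sqli probe -> https://example.org?id=1' OR '1'='1
\t+ waf=(cloudflare) status=403
* xss probe -> https://example.org?id=<script>alert(1)</script>
\t+ waf=(akamai) status=403
~ detected wafs (2):
\t- cloudflare
\t- akamai
"""

if __name__ == "__main__":
    for sample in (SAMPLE, MULTI_SAMPLE):
        r = parse_whatwaf(sample)
        print(r.target, "->", r.detected or "no waf", "blocked:", blocked_probes(r))
```

Indented lines are attributed to the most recent probe line, so a truncated transcript (whatwaf killed mid-run) still yields the probes that completed; anything the parser does not recognise lands in unparsed instead of being silently dropped.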

List mode

To see every WAF that whatwaf can currently recognize, use the --list flag (no URL is needed):
whatwaf --list
This displays:
~ whatwaf can currently recognize:
	Cloudflare
	Akamai
	AWS WAF
	Imperva
	F5 BIG-IP
	...
This is useful for understanding whatwaf’s detection capabilities without running a scan.
