Web application firewalls are one of the strongest defenses a web app has, but they can be vulnerable if the firewall version used is known to an attacker. Understanding which firewall a target is using can be the first step to a hacker discovering how to get past it — and what defenses are in place on a target. And the tools Wafw00f and Nmap make fingerprinting firewalls easy.

While most web app firewalls, or WAFs, are pretty good at defending the services they protect, they occasionally become vulnerable when an exploitable flaw is discovered. If a firewall hasn’t been updated in quite some… more


Go to Source

 

Comments are closed.