We will use wafw00f to identify whether there is a web application firewall between us and our target website.
Many organizations will use a Web Application Firewall (WAF) to protect websites from web-specific attack. Understanding that a security device sits between you and your target is extremely important. You will need to obfuscate and avoid detection. You will have to be more targeted and use special techniques to penetrate the website even with the WAF in place.