August 2018
Intermediate to advanced
404 pages
10h 22m
English
There are different ways of detecting if an application is protected by a WAF or IDS; being blocked and/or blacklisted after launching an attack is the worst of all, so we will use Nmap and wafw00f to identify whether our target is behind a WAF before going all in:
# nmap -sT -sV -p 80,443,8080,8081 --script=http-waf-detect 192.168.56.11

It seems like we don't have a WAF protecting this server
Read now
Unlock full access