Added new fingerprints and polished existing ones

This commit is contained in:
0xInfection 2019-05-22 11:12:18 +05:30
parent c8bee99858
commit 757cecdeea

140
README.md
View File

@ -161,7 +161,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Aliyundun Firewall Aliyundun
</td> </td>
<td> <td>
<ul> <ul>
@ -196,7 +196,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Anyu Firewall Anyu
</td> </td>
<td> <td>
<ul> <ul>
@ -228,7 +228,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Approach Firewall Approach
</td> </td>
<td> <td>
<ul> <ul>
@ -286,6 +286,26 @@ Wanna fingerprint WAFs? Lets see how.
</ul> </ul>
</td> </td>
</tr> </tr>
<tr>
<td>
Astra Protection
</td>
<td>
<ul>
<li><b>Detectability: </b>Easy</li>
<li><b>Detection Methodology:</b></li>
<ul>
<li>Blocked response page content may contain:</li>
<ul>
<li><code>Sorry, this is not allowed.</code> in <code>h1</code>.</li>
<li><code>our website protection system has detected an issue with your IP address and wont let you proceed any further</code> text snippet.</li>
<li>Reference to <code>www.getastra.com/assets/images/</code> URL.</li>
</ul>
<li>Response cookies has field value <code>cz_astra_csrf_cookie</code> in response headers.</li>
</ul>
</ul>
</td>
</tr>
<tr> <tr>
<td> <td>
AWS (Amazon) AWS (Amazon)
@ -330,7 +350,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Barikode Firewall Barikode
</td> </td>
<td> <td>
<ul> <ul>
@ -384,7 +404,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
BitNinja Firewall BitNinja
</td> </td>
<td> <td>
<ul> <ul>
@ -461,6 +481,24 @@ Wanna fingerprint WAFs? Lets see how.
</ul> </ul>
</td> </td>
</tr> </tr>
<tr>
<td>
BulletProof Security Pro
</td>
<td>
<ul>
<li><b>Detectability: </b>Moderate</li>
<li><b>Detection Methodology:</b></li>
<ul>
<li>Blocked response page contains:
<ul>
<li><code>div</code> with id as <code>bpsMessage</code> text snippet.</li>
<li><code>If you arrived here due to a search or clicking on a link click your Browser's back button to return to the previous page.</code> text snippet.</li>
</ul>
</ul>
</ul>
</td>
</tr>
<tr> <tr>
<td> <td>
CDN NS Application Gateway CDN NS Application Gateway
@ -495,7 +533,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
ChinaCache Firewall ChinaCache
</td> </td>
<td> <td>
<ul> <ul>
@ -509,7 +547,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Chuangyu WAF Yunaq Chuangyu
</td> </td>
<td> <td>
<ul> <ul>
@ -542,7 +580,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Cloudbric Firewall Cloudbric
</td> </td>
<td> <td>
<ul> <ul>
@ -595,7 +633,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Comodo Firewall Comodo cWatch
</td> </td>
<td> <td>
<ul> <ul>
@ -625,7 +663,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Deny-All Firewall Deny-All
</td> </td>
<td> <td>
<ul> <ul>
@ -640,7 +678,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Distil Firewall Distil Web Protection
</td> </td>
<td> <td>
<ul> <ul>
@ -675,7 +713,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
dotDefender Applicure DotDefender
</td> </td>
<td> <td>
<ul> <ul>
@ -728,14 +766,14 @@ Wanna fingerprint WAFs? Lets see how.
<ul> <ul>
<li>Blocked response page returns <code>Invalid URI</code> generally.</li> <li>Blocked response page returns <code>Invalid URI</code> generally.</li>
<li>Blocked response content contains value <code>Invalid GET Request</code> upon malicious GET queries.</li> <li>Blocked response content contains value <code>Invalid GET Request</code> upon malicious GET queries.</li>
<li>Blocked POST type queries contain <code>Invalid POST Request</code> in response content.</li> <li>Blocked POST type queries contain <code>Invalid Data</code> in response content.</li>
</ul> </ul>
</ul> </ul>
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
FortiWeb Firewall Fortinet FortiWeb
</td> </td>
<td> <td>
<ul> <ul>
@ -755,7 +793,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
GoDaddy Firewall GoDaddy
</td> </td>
<td> <td>
<ul> <ul>
@ -769,7 +807,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
GreyWizard Firewall GreyWizard
</td> </td>
<td> <td>
<ul> <ul>
@ -790,7 +828,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
HyperGuard Firewall HyperGuard
</td> </td>
<td> <td>
<ul> <ul>
@ -861,7 +899,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
ISAServer Microsoft ISA Server
</td> </td>
<td> <td>
<ul> <ul>
@ -877,6 +915,20 @@ Wanna fingerprint WAFs? Lets see how.
</ul> </ul>
</td> </td>
</tr> </tr>
<tr>
<td>
Nexusguard Application Wall
</td>
<td>
<ul>
<li><b>Detectability: </b>Easy</li>
<li><b>Detection Methodology:</b></li>
<ul>
<li>Blocked response page has reference to <code>speresources.nexusguard.com/wafpage/index.html</code> URL.</li>
</ul>
</ul>
</td>
</tr>
<tr> <tr>
<td> <td>
Janusec Application Gateway Janusec Application Gateway
@ -894,7 +946,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Jiasule Firewall Jiasule
</td> </td>
<td> <td>
<ul> <ul>
@ -911,7 +963,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
KnownSec Firewall KnownSec
</td> </td>
<td> <td>
<ul> <ul>
@ -939,7 +991,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
LiteSpeed Firewall LiteSpeed
</td> </td>
<td> <td>
<ul> <ul>
@ -1031,7 +1083,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Nemesida Firewall Nemesida
</td> </td>
<td> <td>
<ul> <ul>
@ -1095,7 +1147,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
NewDefend Firewall NewDefend
</td> </td>
<td> <td>
<ul> <ul>
@ -1135,7 +1187,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
NSFocus Firewall NSFocus
</td> </td>
<td> <td>
<ul> <ul>
@ -1186,7 +1238,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Palo Alto Firewall Palo Alto
</td> </td>
<td> <td>
<ul> <ul>
@ -1201,7 +1253,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
PerimeterX Firewall PerimeterX
</td> </td>
<td> <td>
<ul> <ul>
@ -1215,7 +1267,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Profense Firewall Profense
</td> </td>
<td> <td>
<ul> <ul>
@ -1277,7 +1329,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Reblaze Firewall Reblaze
</td> </td>
<td> <td>
<ul> <ul>
@ -1337,7 +1389,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Sabre Firewall Sabre
</td> </td>
<td> <td>
<ul> <ul>
@ -1358,7 +1410,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Safe3 Firewall Safe3
</td> </td>
<td> <td>
<ul> <ul>
@ -1377,7 +1429,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
SafeDog Firewall SafeDog
</td> </td>
<td> <td>
<ul> <ul>
@ -1395,7 +1447,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Secure Entry Firewall Secure Entry
</td> </td>
<td> <td>
<ul> <ul>
@ -1496,7 +1548,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
SiteGround Firewall SiteGround
</td> </td>
<td> <td>
<ul> <ul>
@ -1569,7 +1621,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Sophos UTM Firewall Sophos UTM
</td> </td>
<td> <td>
<ul> <ul>
@ -1583,7 +1635,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
SquareSpace Firewall SquareSpace
</td> </td>
<td> <td>
<ul> <ul>
@ -1712,7 +1764,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
TransIP Firewall TransIP
</td> </td>
<td> <td>
<ul> <ul>
@ -1799,7 +1851,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Varnish Cache Firewall Varnish Cache
</td> </td>
<td> <td>
<ul> <ul>
@ -1817,7 +1869,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
VirusDie Firewall VirusDie
</td> </td>
<td> <td>
<ul> <ul>
@ -1870,7 +1922,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
WebARX Firewall WebARX
</td> </td>
<td> <td>
<ul> <ul>
@ -1943,7 +1995,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
West263 Firewall West263
</td> </td>
<td> <td>
<ul> <ul>
@ -1978,7 +2030,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
WTS Firewall WTS
</td> </td>
<td> <td>
<ul> <ul>
@ -2021,7 +2073,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Yundun Firewall Yundun
</td> </td>
<td> <td>
<ul> <ul>
@ -2038,7 +2090,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
Yunsuo Firewall Yunsuo
</td> </td>
<td> <td>
<ul> <ul>
@ -2053,7 +2105,7 @@ Wanna fingerprint WAFs? Lets see how.
</tr> </tr>
<tr> <tr>
<td> <td>
ZenEdge Firewall ZenEdge
</td> </td>
<td> <td>
<ul> <ul>