Skip to content

wafep

This is the web app or web related tool named wafep whose latest release can be downloaded as wafep-src.zip from this website redcoolmedia.net

Download APP

wafep

APP DESCRIPTION:

Download this app named wafep.

WAFEP is designed to assess the attack vector support of web application firewalls and application IDS/IPS modules.

It operates through an "attacker website" with links, forms, browser controls and other request initiators which send a collection of malicious payloads through the WAF to a target application, which in turn, checks which payloads were blocked and which passed successfully.

The WAFEP application serves as both the "attacker" website and the "target" website, and thus, should ideally be used in twin instances - one BEHIND the WAF (the defender/target website), and another before the WAF (the attacker website).

The payloads can be executed manually through the WAFEP attacker website instance by activating one test case at a time, or automatically, by using a crawling mechanism such as the one implemented in ZAP, Burpsuite, etc.

*Note*
The target website should be configured in the attacker website FIRST, by accessing: /wafep/config/change-target.jsp

Free download Web app or web tool wafep from RedcoolMedia.net