This extension adds a custom payload type to the Intruder tool, to help test for bypasses of Web Application Firewalls (WAFs).
- In the "What the WAF" tab, configure details of the target application, and the payload lists you would like to use.
- In Intruder, select the "Extension generated" payload type, and choose the "What the WAF" payload generator.
- Launch the Intruder attack in the normal way.
More help is available within the "Readme" tab in the "What the WAF" tab.
|Last updated||02 October 2014|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.