Lokesh
Oct 14, 2019Nimbostratus
Linux (Kali) found our application hosted behind F5
We want to stop display of banner name of F5 to any WAF detection tools , as during VAPT it was seen that wafw00f (A WAF detection Tool) is able to find out our WAF name through our application.
root@kali:/home/iicybersecurity/wafw00f# wafw00f example.com
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
Checking https://example.com
The site https://example.com is behind a F5 BIG-IP APM
Number of requests: 11