WAF Detector

Web Application Firewall Detection

"Detects WAF presence and identifies the vendor — Cloudflare, AWS WAF, Akamai, and 180+ others."

What it does

Before running active scans against a target, knowing whether it's protected by a WAF helps plan the assessment. A WAF may block or alert on aggressive scanning, rate-limit requests, or return misleading responses. Some WAFs also indicate a higher-value target worth deeper investigation.

PTK uses wafw00f to send crafted requests that trigger WAF-specific response patterns. It identifies not just whether a WAF is present, but which specific product — Cloudflare, AWS WAF, Akamai, Imperva, F5 BIG-IP, and 180+ others. No configurable options — it runs once and gives you a clear answer.

Example findings

INFOCloudflare WAF Detectedwaf

INFONo WAF Detected — Direct Access to Web Serverwaf

INFOAWS WAF Detectedwaf

INFOF5 BIG-IP ASM Detectedwaf

← Back to all tools ▶ Scan with WAF Detector

What it finds

▸WAF presence confirmed (or not detected)
▸WAF vendor identification (Cloudflare, AWS WAF, Akamai, Imperva, etc.)
▸Generic WAF detection when vendor cannot be identified

Works well with

HTTPX →Nuclei →Nikto →