Bug#834145: ITP: wafw00f -- Identify and fingerprint Web Application Firewall (WAF)
Samuel Henrique
samueloph at gmail.com
Tue Jun 20 00:45:21 UTC 2017
This package has a dependency on python-pluginbase, which i already start
packaging on collab[1], but it may need some time because i'm affraid we
will have a licensing problem, i still have to confirm that:
" We kindly ask you to only use these themes in an unmodified manner just
for Flask and Flask-related products, not for unrelated projects. If you
like the visual style and want to use it for your own projects, please
consider making some larger changes to the themes (such as changing
font faces, sizes, colors or margins)."
If anyone want's to help, please feel free to contact me.
I asked to join the python team, but got no response, that's why i decided
to package it on collab under my maintenance, although i should probably
just directly contact some active member of the python team.
[1]https://anonscm.debian.org/git/collab-maint/python-pluginbase.git/
Samuel Henrique <samueloph>
2016-08-12 10:46 GMT-03:00 Samuel Henrique <samueloph at gmail.com>:
> Package: wnpp
> Owner: "Samuel Henrique" <samueloph at gmail.com>
> Severity: wishlist
>
> * Package name : wafw00f
> Version : 0.9.4
> Upstream Author : Sandro Gauci <sandro at enablesecurity.com
> <c0re at psypanda.org>>
> * URL : https://github.com/EnableSecurity/wafw00f
> <https://psypanda.github.io/hashID/>
> * License : BSD-3-clause
> Programming Lang: Python
> Description : identify and fingerprint Web Application Firewall
> (WAF)
>
> WAFW00F does the following:
>
> - Sends a *normal* HTTP request and analyses the response; this
> identifies a number of WAF solutions
> - If that is not successful, it sends a number of (potentially
> malicious) HTTP requests and uses simple logic to deduce which WAF it is
> - If that is also not successful, it analyses the responses previously
> returned and uses another simple algorithm to guess if a WAF or security
> solution is actively responding to our attacks
>
> I intend to maintain this as a part of the pkg-security team, as this is
> part
> of an effort to get kali packages within debian.
>
> I also will discuss with the team if there's any problem in packaging
> 0.9.4 (marked as pre-release) or if i will have to package some previously
> released version.
>
> Samuel Henrique O. P. [samueloph]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20170619/1b51747b/attachment.html>
More information about the Pkg-security-team
mailing list