WAF simulation || Advanced Scenarios

  • 21 November 2023
  • 1 reply

Userlevel 1

Hello Team,


Just want to know how WAF simulation from Advanced scenarios is different from the WAF module.



Best answer by Shiraz 22 November 2023, 09:19

View original

1 reply

Userlevel 3
Badge +3

Hi @viraj_korgaonkar 

The WAF advanced scenario consists of around 20 payloads, designed for selective testing within a scenario or for spot checks to ensure that the protection system, such as a WAF, is functioning correctly.

The WAF testing module is far more exhaustive, featuring approximately 8,000 payloads that incorporate various obfuscation techniques.
WAF module performs a crawl of the website's internal pages to verify that the WAF provides comprehensive protection across the entire site, rather than at specific points as seen in Advanced Scenarios.
It supports advanced configurations that is not available in Advanced Scnearios, such as authentication methods.
It also generates action items to address any payload that was able to circumvent (Penetrate) the WAF.