added app armor (#219)

README.md

@@ -120,6 +120,7 @@ $ wafw00f -l
   FirePass                         F5 Networks
   FortiWeb                         Fortinet
   GoDaddy Website Protection       GoDaddy
+  Google Cloud App Armor           Google Cloud
   Greywizard                       Grey Wizard
   Huawei Cloud Firewall            Huawei
   HyperGuard                       Art of Defense

wafw00f/plugins/gcparmor.py

@@ -0,0 +1,14 @@
+#!/usr/bin/env python3
+'''
+Copyright (C) 2024, WAFW00F Developers.
+See the LICENSE file for copying permission.
+'''
+
+NAME = 'Google Cloud App Armor (Google Cloud)'
+
+
+def is_waf(self):
+    if self.matchHeader(('Via', '1.1 google')):
+        return True
+
+    return False

wafw00f/wafprio.py

@@ -10,166 +10,167 @@
 
 
 wafdetectionsprio = [
-    'ACE XML Gateway (Cisco)',
-    'aeSecure (aeSecure)',
-    'AireeCDN (Airee)',
-    'Airlock (Phion/Ergon)',
-    'Alert Logic (Alert Logic)',
-    'AliYunDun (Alibaba Cloud Computing)',
-    'Anquanbao (Anquanbao)',
-    'AnYu (AnYu Technologies)',
-    'Approach (Approach)',
-    'AppWall (Radware)',
-    'Armor Defense (Armor)',
-    'ArvanCloud (ArvanCloud)',
-    'ASP.NET Generic (Microsoft)',
-    'ASPA Firewall (ASPA Engineering Co.)',
-    'Astra (Czar Securities)',
-    'AWS Elastic Load Balancer (Amazon)',
-    'Azion Edge Firewall (Azion)',
-    'Azure Application Gateway (Microsoft)',
-    'Azure Front Door (Microsoft)',
-    'Barikode (Ethic Ninja)',
-    'Barracuda (Barracuda Networks)',
-    'Bekchy (Faydata Technologies Inc.)',
-    'Beluga CDN (Beluga)',
-    'BIG-IP Local Traffic Manager (F5 Networks)',
-    'BinarySec (BinarySec)',
-    'BitNinja (BitNinja)',
-    'BlockDoS (BlockDoS)',
-    'Bluedon (Bluedon IST)',
-    'BulletProof Security Pro (AITpro Security)',
-    'CacheWall (Varnish)',
-    'CacheFly CDN (CacheFly)',
-    'Comodo cWatch (Comodo CyberSecurity)',
-    'CdnNS Application Gateway (CdnNs/WdidcNet)',
-    'ChinaCache Load Balancer (ChinaCache)',
-    'Chuang Yu Shield (Yunaq)',
-    'Cloudbric (Penta Security)',
-    'Cloudflare (Cloudflare Inc.)',
-    'Cloudfloor (Cloudfloor DNS)',
-    'Cloudfront (Amazon)',
-    'CrawlProtect (Jean-Denis Brun)',
-    'DataPower (IBM)',
-    'Cloud Protector (Rohde & Schwarz CyberSecurity)',
-    'DenyALL (Rohde & Schwarz CyberSecurity)',
-    'Distil (Distil Networks)',
-    'DOSarrest (DOSarrest Internet Security)',
-    'DDoS-GUARD (DDOS-GUARD CORP.)',
-    'DotDefender (Applicure Technologies)',
-    'DynamicWeb Injection Check (DynamicWeb)',
-    'Edgecast (Verizon Digital Media)',
-    'Eisoo Cloud Firewall (Eisoo)',
-    'Envoy (EnvoyProxy)',
-    'Expression Engine (EllisLab)',
-    'BIG-IP AppSec Manager (F5 Networks)',
-    'BIG-IP AP Manager (F5 Networks)',
-    'Fastly (Fastly CDN)',
-    'FirePass (F5 Networks)',
-    'FortiGate (Fortinet)',
-    'FortiGuard (Fortinet)',
-    'FortiWeb (Fortinet)',
-    'GoDaddy Website Protection (GoDaddy)',
-    'Greywizard (Grey Wizard)',
-    'Huawei Cloud Firewall (Huawei)',
-    'HyperGuard (Art of Defense)',
-    'Imunify360 (CloudLinux)',
-    'Incapsula (Imperva Inc.)',
-    'IndusGuard (Indusface)',
-    'Instart DX (Instart Logic)',
-    'ISA Server (Microsoft)',
-    'Janusec Application Gateway (Janusec)',
-    'Jiasule (Jiasule)',
-    'Kemp LoadMaster (Progress Software)',
-    'Kona SiteDefender (Akamai)',
-    'KS-WAF (KnownSec)',
-    'KeyCDN (KeyCDN)',
-    'LimeLight CDN (LimeLight)',
-    'LiteSpeed (LiteSpeed Technologies)',
-    'Open-Resty Lua Nginx (FLOSS)',
-    'Oracle Cloud (Oracle)',
-    'Malcare (Inactiv)',
-    'MaxCDN (MaxCDN)',
-    'Mission Control Shield (Mission Control)',
-    'ModSecurity (SpiderLabs)',
-    'NAXSI (NBS Systems)',
-    'Nemesida (PentestIt)',
-    'NevisProxy (AdNovum)',
-    'NetContinuum (Barracuda Networks)',
-    'NetScaler AppFirewall (Citrix Systems)',
-    'Newdefend (NewDefend)',
-    'NexusGuard Firewall (NexusGuard)',
-    'NinjaFirewall (NinTechNet)',
-    'NullDDoS Protection (NullDDoS)',
-    'NSFocus (NSFocus Global Inc.)',
-    'OnMessage Shield (BlackBaud)',
-    'Palo Alto Next Gen Firewall (Palo Alto Networks)',
-    'PerimeterX (PerimeterX)',
-    'PentaWAF (Global Network Services)',
-    'pkSecurity IDS (pkSec)',
-    'PT Application Firewall (Positive Technologies)',
-    'PowerCDN (PowerCDN)',
-    'Profense (ArmorLogic)',
-    'Puhui (Puhui)',
-    'Qcloud (Tencent Cloud)',
-    'Qiniu (Qiniu CDN)',
-    'Qrator (Qrator)',
-    'Reblaze (Reblaze)',
-    'RSFirewall (RSJoomla!)',
-    'RequestValidationMode (Microsoft)',
-    'Sabre Firewall (Sabre)',
-    'Safe3 Web Firewall (Safe3)',
-    'Safedog (SafeDog)',
-    'Safeline (Chaitin Tech.)',
-    'SecKing (SecKing)',
-    'eEye SecureIIS (BeyondTrust)',
-    'SecuPress WP Security (SecuPress)',
-    'SecureSphere (Imperva Inc.)',
-    'Secure Entry (United Security Providers)',
-    'SEnginx (Neusoft)',
-    'ServerDefender VP (Port80 Software)',
-    'Shield Security (One Dollar Plugin)',
-    'Shadow Daemon (Zecure)',
-    'SiteGround (SiteGround)',
-    'SiteGuard (Sakura Inc.)',
-    'Sitelock (TrueShield)',
-    'SonicWall (Dell)',
-    'UTM Web Protection (Sophos)',
-    'Squarespace (Squarespace)',
-    'SquidProxy IDS (SquidProxy)',
-    'StackPath (StackPath)',
-    'Sucuri CloudProxy (Sucuri Inc.)',
-    'Tencent Cloud Firewall (Tencent Technologies)',
-    'Teros (Citrix Systems)',
-    'Trafficshield (F5 Networks)',
-    'TransIP Web Firewall (TransIP)',
-    'URLMaster SecurityCheck (iFinity/DotNetNuke)',
-    'URLScan (Microsoft)',
-    'UEWaf (UCloud)',
-    'Variti (Variti)',
-    'Varnish (OWASP)',
-    'Viettel (Cloudrity)',
-    'VirusDie (VirusDie LLC)',
-    'Wallarm (Wallarm Inc.)',
-    'WatchGuard (WatchGuard Technologies)',
-    'WebARX (WebARX Security Solutions)',
-    'WebKnight (AQTRONIX)',
-    'WebLand (WebLand)',
-    'wpmudev WAF (Incsub)',
-    'RayWAF (WebRay Solutions)',
-    'WebSEAL (IBM)',
-    'WebTotem (WebTotem)',
-    'West263 CDN (West263CDN)',
-    'Wordfence (Defiant)',
-    'WP Cerber Security (Cerber Tech)',
-    'WTS-WAF (WTS)',
     '360WangZhanBao (360 Technologies)',
-    'XLabs Security WAF (XLabs)',
-    'Xuanwudun (Xuanwudun)',
-    'Yundun (Yundun)',
-    'Yunsuo (Yunsuo)',
-    'Yunjiasu (Baidu Cloud Computing)',
-    'YXLink (YxLink Technologies)',
-    'Zenedge (Zenedge)',
-    'ZScaler (Accenture)'
-]
+    'ACE XML Gateway (Cisco)',
+	'ASP.NET Generic (Microsoft)',
+	'ASPA Firewall (ASPA Engineering Co.)',
+	'AWS Elastic Load Balancer (Amazon)',
+	'AireeCDN (Airee)',
+	'Airlock (Phion/Ergon)',
+	'Alert Logic (Alert Logic)',
+	'AliYunDun (Alibaba Cloud Computing)',
+	'AnYu (AnYu Technologies)',
+	'Anquanbao (Anquanbao)',
+	'AppWall (Radware)',
+	'Approach (Approach)',
+	'Armor Defense (Armor)',
+	'ArvanCloud (ArvanCloud)',
+	'Astra (Czar Securities)',
+	'Azion Edge Firewall (Azion)',
+	'Azure Application Gateway (Microsoft)',
+	'Azure Front Door (Microsoft)',
+	'BIG-IP AP Manager (F5 Networks)',
+	'BIG-IP AppSec Manager (F5 Networks)',
+	'BIG-IP Local Traffic Manager (F5 Networks)',
+	'Barikode (Ethic Ninja)',
+	'Barracuda (Barracuda Networks)',
+	'Bekchy (Faydata Technologies Inc.)',
+	'Beluga CDN (Beluga)',
+	'BinarySec (BinarySec)',
+	'BitNinja (BitNinja)',
+	'BlockDoS (BlockDoS)',
+	'Bluedon (Bluedon IST)',
+	'BulletProof Security Pro (AITpro Security)',
+	'CacheFly CDN (CacheFly)',
+	'CacheWall (Varnish)',
+	'CdnNS Application Gateway (CdnNs/WdidcNet)',
+	'ChinaCache Load Balancer (ChinaCache)',
+	'Chuang Yu Shield (Yunaq)',
+	'Cloud Protector (Rohde & Schwarz CyberSecurity)',
+	'Cloudbric (Penta Security)',
+	'Cloudflare (Cloudflare Inc.)',
+	'Cloudfloor (Cloudfloor DNS)',
+	'Cloudfront (Amazon)',
+	'Comodo cWatch (Comodo CyberSecurity)',
+	'CrawlProtect (Jean-Denis Brun)',
+	'DDoS-GUARD (DDOS-GUARD CORP.)',
+	'DOSarrest (DOSarrest Internet Security)',
+	'DataPower (IBM)',
+	'DenyALL (Rohde & Schwarz CyberSecurity)',
+	'Distil (Distil Networks)',
+	'DotDefender (Applicure Technologies)',
+	'DynamicWeb Injection Check (DynamicWeb)',
+	'Edgecast (Verizon Digital Media)',
+	'Eisoo Cloud Firewall (Eisoo)',
+	'Envoy (EnvoyProxy)',
+	'Expression Engine (EllisLab)',
+	'Fastly (Fastly CDN)',
+	'FirePass (F5 Networks)',
+	'FortiGate (Fortinet)',
+	'FortiGuard (Fortinet)',
+	'FortiWeb (Fortinet)',
+	'GoDaddy Website Protection (GoDaddy)',
+	'Google Cloud App Armor (Google Cloud)',
+	'Greywizard (Grey Wizard)',
+	'Huawei Cloud Firewall (Huawei)',
+	'HyperGuard (Art of Defense)',
+	'ISA Server (Microsoft)',
+	'Imunify360 (CloudLinux)',
+	'Incapsula (Imperva Inc.)',
+	'IndusGuard (Indusface)',
+	'Instart DX (Instart Logic)',
+	'Janusec Application Gateway (Janusec)',
+	'Jiasule (Jiasule)',
+	'KS-WAF (KnownSec)',
+	'Kemp LoadMaster (Progress Software)',
+	'KeyCDN (KeyCDN)',
+	'Kona SiteDefender (Akamai)',
+	'LimeLight CDN (LimeLight)',
+	'LiteSpeed (LiteSpeed Technologies)',
+	'Malcare (Inactiv)',
+	'MaxCDN (MaxCDN)',
+	'Mission Control Shield (Mission Control)',
+	'ModSecurity (SpiderLabs)',
+	'NAXSI (NBS Systems)',
+	'NSFocus (NSFocus Global Inc.)',
+	'Nemesida (PentestIt)',
+	'NetContinuum (Barracuda Networks)',
+	'NetScaler AppFirewall (Citrix Systems)',
+	'NevisProxy (AdNovum)',
+	'Newdefend (NewDefend)',
+	'NexusGuard Firewall (NexusGuard)',
+	'NinjaFirewall (NinTechNet)',
+	'NullDDoS Protection (NullDDoS)',
+	'OnMessage Shield (BlackBaud)',
+	'Open-Resty Lua Nginx (FLOSS)',
+	'Oracle Cloud (Oracle)',
+	'PT Application Firewall (Positive Technologies)',
+	'Palo Alto Next Gen Firewall (Palo Alto Networks)',
+	'PentaWAF (Global Network Services)',
+	'PerimeterX (PerimeterX)',
+	'PowerCDN (PowerCDN)',
+	'Profense (ArmorLogic)',
+	'Puhui (Puhui)',
+	'Qcloud (Tencent Cloud)',
+	'Qiniu (Qiniu CDN)',
+	'Qrator (Qrator)',
+	'RSFirewall (RSJoomla!)',
+	'RayWAF (WebRay Solutions)',
+	'Reblaze (Reblaze)',
+	'RequestValidationMode (Microsoft)',
+	'SEnginx (Neusoft)',
+	'Sabre Firewall (Sabre)',
+	'Safe3 Web Firewall (Safe3)',
+	'Safedog (SafeDog)',
+	'Safeline (Chaitin Tech.)',
+	'SecKing (SecKing)',
+	'SecuPress WP Security (SecuPress)',
+	'Secure Entry (United Security Providers)',
+	'SecureSphere (Imperva Inc.)',
+	'ServerDefender VP (Port80 Software)',
+	'Shadow Daemon (Zecure)',
+	'Shield Security (One Dollar Plugin)',
+	'SiteGround (SiteGround)',
+	'SiteGuard (Sakura Inc.)',
+	'Sitelock (TrueShield)',
+	'SonicWall (Dell)',
+	'Squarespace (Squarespace)',
+	'SquidProxy IDS (SquidProxy)',
+	'StackPath (StackPath)',
+	'Sucuri CloudProxy (Sucuri Inc.)',
+	'Tencent Cloud Firewall (Tencent Technologies)',
+	'Teros (Citrix Systems)',
+	'Trafficshield (F5 Networks)',
+	'TransIP Web Firewall (TransIP)',
+	'UEWaf (UCloud)',
+	'URLMaster SecurityCheck (iFinity/DotNetNuke)',
+	'URLScan (Microsoft)',
+	'UTM Web Protection (Sophos)',
+	'Variti (Variti)',
+	'Varnish (OWASP)',
+	'Viettel (Cloudrity)',
+	'VirusDie (VirusDie LLC)',
+	'WP Cerber Security (Cerber Tech)',
+	'WTS-WAF (WTS)',
+	'Wallarm (Wallarm Inc.)',
+	'WatchGuard (WatchGuard Technologies)',
+	'WebARX (WebARX Security Solutions)',
+	'WebKnight (AQTRONIX)',
+	'WebLand (WebLand)',
+	'WebSEAL (IBM)',
+	'WebTotem (WebTotem)',
+	'West263 CDN (West263CDN)',
+	'Wordfence (Defiant)',
+	'XLabs Security WAF (XLabs)',
+	'Xuanwudun (Xuanwudun)',
+	'YXLink (YxLink Technologies)',
+	'Yundun (Yundun)',
+	'Yunjiasu (Baidu Cloud Computing)',
+	'Yunsuo (Yunsuo)',
+	'ZScaler (Accenture)',
+	'Zenedge (Zenedge)',
+	'aeSecure (aeSecure)',
+	'eEye SecureIIS (BeyondTrust)',
+	'pkSecurity IDS (pkSec)',
+	'wpmudev WAF (Incsub)'
+]