WAFW00F from EnableSecurity allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website. OSO DevOps has forked this repo to support output of results to a CSV / JSON formatted file. This repository can be found here
Call it without arguments to display the full help:
docker run -it --rm osodevops/wafw00f:latest
To run a full WAF scan with:
docker run -it --rm osodevops/wafw00f:latest https://osodevops.io
To save the report in a specific format (json / csv), mount /tmp as a volume:
docker run --rm -v $(pwd):/tmp osodevops/wafw00f:latest https://osodevops.io --output /tmp/out.csv