GoTestWAF generates requests with predefined, basic payloads as well as attacks specific to different APIs (REST, SOAP, XMLRPC). It sends them to the application and analyzes the responses to generate a detailed report in the console output or as a PDF.
It gives clear results and indicates which of the attacks are detected with your existing appsec solution and what ways attackers can still hit your apps. GoTestWAF is a tool to test WAFs, RASPs, and WAAP for application and API attacks, not just CGI payloads from 90th.

1
Enter your domain
Fill the domain you want to test and which has WAF
2
Verify domain ownership
We need to be sure this domain is yours.
3
Get the free report
Learn your WAF breaches and false-positives
See which WAF/WAAP is better in what it should do the best - attack detection
Learn what ways attackers can still hit your apps
Indicate which of the attacks are detected with your existing appsec solution
Get clear results of your WAF perfomance
Powered by Wallarm — the platform Dev, Sec, and Ops teams choose to build cloud-native applications securely, monitor them for modern threats, and get alerted when threats arise. Whether you protect some of the legacy apps or brand new cloud-native APIs, Wallarm multi-cloud platform provides key components to secure your business against emerging threats.
Wallarmは、迅速な開発と安全な運用を実現するために、貴社をサポートします。