The first WAF testing tool with a built-in MCP server. Connect Claude, Copilot, Cursor, or n8n and let the AI orchestrate security tests autonomously.

One-Line Setup

mcp-config.json

{
  "mcpServers": {
    "waf-tester": {
      "command": "npx",
      "args": ["-y", "@waftester/cli", "mcp"]
    }
  }
}

Works with stdio (IDEs) and HTTP/SSE (n8n, Langflow). Zero configuration beyond this.

What It Looks Like

"Run a full security audit on staging.example.com and tell me if the WAF is safe to ship"

AI Agent (autonomous)

1. detect_waf → Cloudflare (98% confidence)

2. discover → 47 endpoints, 12 parameters

3. learn → prioritized test plan generated

4. scan → 3,700+ payloads with smart tampers

5. assess → F1: 0.969, Grade: A, FPR: 0.24%

WAF is production-ready. 119 bypasses found (4.2%), all low severity.

See all 7 guided prompts

27 tools Your AI Can Use

Every tool WAFtester has is exposed via MCP. The AI picks the right ones and chains them.

detect_waf

Fingerprint WAF vendor

scan

Fire payloads, find bypasses

assess

Enterprise scoring (F1, MCC)

bypass

Mutation matrix engine

discover

Map attack surface

learn

Generate test plan

probe

TLS & header recon

mutate

Payload encoding

generate_cicd

Pipeline YAML for 6 platforms

list_payloads

Browse 3,700+ payloads

get_task_status

Poll async operations

cancel_task

Cancel running tasks

list_tasks

View all task state

validate_spec

Parse and validate API specs

list_spec_endpoints

Extract spec endpoints

plan_spec

Generate intelligent scan plan

scan_spec

Execute spec-driven scan

preview_spec_scan

Preview scan plan as table

compare_baselines

Diff findings between scans

spec_intelligence

8-layer intelligence analysis

describe_spec_auth

Describe spec auth schemes

export_spec

Export parsed spec as JSON

list_tampers

Browse 65+ tamper scripts

discover_bypasses

Tamper chain bypass discovery

event_crawl

Headless DOM event crawling

list_templates

Browse bundled template library

show_template

Read bundled template content

7 Guided Prompts — Ready-to-Use Workflows

Not just tools — structured multi-step workflows the AI follows end-to-end. Click to see what each one does.

security_audit

Full WAF audit in 5 phases

Workflow

1. Detect WAF vendor
2. Map attack surface
3. Scan with smart payloads
4. Score with F1/MCC
5. Generate report

Tools chained

detect_wafdiscoverscanassess

Try it — say this to your AI

"Run a full security audit on staging.example.com and tell me if the WAF is safe to ship"

waf_bypass

Find bypasses for a specific attack category

Workflow

1. Detect WAF
2. Baseline scan
3. Analyze blocks
4. Generate mutations
5. Discover bypasses
6. Report

Tools chained

detect_wafscanmutatebypass

Try it — say this to your AI

"Find SQLi bypasses against api.example.com — stealth mode, low rate limit"

full_assessment

Enterprise grading with OWASP/PCI-DSS mapping

Workflow

1. WAF detection
2. Full category scan
3. Statistical assessment
4. Compliance mapping
5. Executive report

Tools chained

detect_wafscanassess

Try it — say this to your AI

"Assess our production WAF against OWASP Top 10 and PCI-DSS requirements"

discovery_workflow

Map the full attack surface before testing

Workflow

1. Crawl endpoints
2. TLS/header recon
3. Generate prioritized test plan

Tools chained

discoverprobelearn

Try it — say this to your AI

"Map the attack surface of app.example.com — I need endpoints, parameters, and a test plan"

evasion_research

Systematically test evasion techniques

Workflow

1. Identify WAF
2. List available tampers
3. Test tamper chains
4. Report effective evasions

Tools chained

detect_waflist_tampersdiscover_bypassesmutate

Try it — say this to your AI

"Research which evasion techniques work against our Cloudflare WAF for XSS payloads"

template_scan

Run Nuclei templates for WAF testing

Workflow

1. Detect WAF
2. Browse template catalog
3. Execute templates
4. Apply policy grading
5. Report

Tools chained

detect_waflist_templatesshow_template

Try it — say this to your AI

"Run all WAF bypass templates against target.com and grade the results with strict policy"

spec_security_audit

API spec-driven security audit

Workflow

1. Validate spec
2. Map API surface
3. Generate attack plan
4. Execute spec scan
5. Report findings

Tools chained

validate_speclist_spec_endpointsplan_specscan_spec

Try it — say this to your AI

"Here is our OpenAPI spec — audit every endpoint for injection vulnerabilities"

See the full AI integration guide for setup instructions and workflow examples.

n8n: Nightly WAF Regression in 3 Nodes

Schedule automated WAF testing. Get Slack alerts when bypasses appear. No code required.

⏰

Schedule Trigger

Daily at 2:00 AM

→

↓

🛡️

WAFtester MCP

scan + assess

→

↓

💬

Slack Alert

If bypasses found

WAFtester's HTTP/SSE transport connects directly to n8n's MCP Client node. Async tasks handle long-running scans within n8n's timeout limits.

MCP

Not REST

The AI chooses which tools to use, chains them, and reasons about results. No human orchestration needed.

Async

Long-Running Tasks

Scans run in the background. The AI polls for results. Works within n8n's 60-second timeout constraints.

MCP Resources

Version info, payload catalogs, WAF signatures, evasion techniques, OWASP mappings — context the AI needs to reason.

Works with

Claude Desktop VS Code / Copilot Cursor n8n Langflow Any MCP Client

See the Full AI Integration Guide

Who Is This For?

Built for security professionals who need more than "blocked/not blocked."

Pentesters

Discover WAF bypasses during engagements. Automated tamper selection means less manual work.

Auto tamper selection
Bypass chains
Evasion matrix

Learn more

Security Engineers

Benchmark WAF rule quality with real metrics. Know your detection rate before attackers do.

F1/MCC scoring
False positive tracking
Regression testing

Learn more

DevSecOps Teams

Integrate WAF testing into CI/CD. SARIF output feeds directly into GitHub Code Scanning.

SARIF output
GitHub Action
Pipeline-native

Learn more

AI Engineers

Build security pipelines with LLMs, n8n, or custom agents. WAFtester's MCP server gives your AI 27 tools out of the box.

MCP native
n8n / Langflow
Agent workflows

Learn more

How It Compares

WAFtester is the only tool purpose-built for WAF security testing with quantitative scoring.

Feature	WAFtester	Nuclei	SQLMap	Nikto	OWASP ZAP
WAF Detection	✓	—	—	—	✓
WAF Bypass Automation	✓	—	✓	—	—
Quantitative Scoring (F1/MCC)	✓	—	—	—	—
Multiple Output Formats (16+)	✓	✓	—	—	✓
CI/CD Integration	✓	✓	—	—	✓
Tamper/Evasion Library (65+)	✓	—	✓	—	—
AI Agent Support (MCP)	✓	—	—	—	—
API Spec-Driven Testing	✓	—	—	—	—
Autonomous AI Workflows	✓	—	—	—	—
Single Binary (No Dependencies)	✓	✓	—	—	—

Works with Your Stack

16 output formats. 6 CI/CD platforms. Native AI integration. Every protocol you need.

Output Formats

SARIF SonarQube GitLab SAST JSON HTML Report Markdown CSV JUnit XML

CI/CD Platforms

GitHub Actions GitLab CI Azure DevOps Jenkins CircleCI Bitbucket Pipelines

AI / MCP Platforms

Claude Desktop VS Code / Copilot Cursor n8n Langflow

Install in Seconds

One command. No configuration. No runtime dependencies.

npm

$ npx -y @waftester/cli version

See all installation options →

Built by Security Engineers

WAFtester is open source and built for real-world WAF security testing. Every payload, tamper, and signature is maintained by practitioners.

Frequently Asked Questions

What does WAFtester actually do?

WAFtester sends thousands of known attack patterns (SQL injection, XSS, SSRF, etc.) at your web application and checks whether your WAF (Web Application Firewall) blocks them. It measures how many attacks get through, gives you a detection score, and tells you exactly which payloads bypassed your defenses. Think of it as a quality check for your WAF — like a fire drill for your security rules.

Quick start guide

Is it safe to run against production?

WAFtester does not exploit vulnerabilities — it sends HTTP requests with known patterns and checks the response code. Nothing is injected into databases, no files are modified, no shells are opened. That said, start with staging. If you must test production, use --rate to limit request speed and --concurrency to control parallel connections. WAFtester also supports adaptive rate limiting that backs off automatically when it detects throttling.

Rate limiting and safety

Is it free?

Yes, the core CLI is open source under BSL 1.1 — you can install it, run scans, generate reports, and use all 33 commands at no cost. Community payloads are MIT-licensed. Enterprise features like distributed scanning and advanced reporting are available in paid tiers.

Installation options

How do I get started?

Install with npm (npx @waftester/cli scan -u https://your-site.com) or Homebrew (brew install waftester/tap/waftester). Then run your first scan: waf-tester scan -u https://your-target.com --smart. The --smart flag auto-detects your WAF and selects the right payloads. Takes about 2 minutes to see your first results.

Step-by-step guide

What do the scores mean?

Detection Rate is the percentage of attacks your WAF blocks — higher is better. False Positive Rate (FPR) measures how often legitimate traffic gets blocked — lower is better. F1 Score (0-1) balances detection and false positives into one number. MCC (Matthews Correlation Coefficient, -1 to +1) is the strictest metric — it penalizes both missed attacks and false alarms. A Grade from A+ to F summarizes it all. Most production WAFs should aim for A or above (F1 > 0.95).

Benchmark command

Which WAFs does it detect?

198 WAF signatures including Cloudflare, AWS WAF, Akamai, Imperva, F5 BIG-IP, Azure Front Door, Fastly, Sucuri, ModSecurity, Coraza, Barracuda, FortiWeb, and many more. Detection uses response headers, cookies, body patterns, and status code behavior. Run waf-tester vendor -u TARGET to fingerprint yours — it reports vendor name, confidence score, and recommended evasion techniques.

Vendor detection command

What attack categories does it cover?

WAFtester covers SQL injection, XSS, SSRF, SSTI, LFI/RFI, command injection, XXE, CRLF injection, NoSQL injection, LDAP injection, path traversal, prototype pollution, request smuggling, and more. Payloads are mapped to OWASP Top 10 categories for compliance reporting. You can scan all categories at once or focus on specific ones with the -types flag.

Attack categories reference

How is it different from sqlmap, nuclei, or Burp?

sqlmap exploits SQL injection — WAFtester tests whether your WAF blocks it. nuclei scans for vulnerabilities in your app — WAFtester measures your WAF's effectiveness against known attack patterns. Burp is an interactive proxy for manual testing — WAFtester is a CLI that runs automated, repeatable scans with statistical scoring. The key difference: WAFtester gives you metrics (F1, MCC, detection rate) so you can quantify WAF quality over time, not just find individual issues.

See the comparison table

How does bypass discovery work?

WAFtester has three bypass engines. The mutation matrix (bypass command) tests every payload against every encoding: URL, double URL, Unicode, HTML hex, mixed case, and more — producing thousands of combinations. The tamper engine (--tamper-auto) runs 65+ evasion scripts that modify payloads at the protocol level — chunked encoding, header injection, case randomization. The discover_bypasses MCP tool chains tampers together to find multi-step bypass paths. Results include the exact payload, encoding, and curl command for reproduction.

Bypass command reference

Can I test API endpoints with an OpenAPI spec?

Yes. The scan --spec command parses OpenAPI, Swagger, Postman, and HAR specs, extracts every endpoint and parameter, generates payloads based on parameter types and constraints, and scans with auth headers from the spec. The 8-layer intelligence engine prioritizes endpoints by risk — admin routes and file upload endpoints get tested more heavily. Use plan_spec via MCP to preview the attack plan before executing.

API spec scanning

What output formats does it support?

16 formats: JSON, SARIF (GitHub Code Scanning), HTML (interactive report), CSV, XML, JUnit, SonarQube, GitLab SAST, markdown, YAML, OpenTelemetry, Slack webhook, GitHub comment, CycloneDX VEX, Jira, and plain text. Use -o sarif,html,json to generate multiple formats in one scan. SARIF integrates directly with GitHub Advanced Security to show findings as code scanning alerts.

Output formats

Can I use it in CI/CD pipelines?

Yes. There's a native GitHub Action (waftester/waftester-action), SARIF output for GitHub Advanced Security, SonarQube and GitLab SAST format support, and the cicd command generates pipeline configs for GitHub Actions, GitLab CI, Jenkins, Azure DevOps, CircleCI, and Bitbucket. WAFtester returns non-zero exit codes on threshold failures so your pipeline breaks when WAF quality drops below your standard.

CI/CD integration guide

Does it support custom payloads and templates?

Yes, two ways. Drop JSON payload files in the payloads directory (or use --payloads PATH) for the built-in scanner — 3,700+ payloads are included. For template-based scanning, WAFtester bundles Nuclei-compatible YAML templates and supports any custom Nuclei template with --enrich to inject the full JSON payload database. Community payloads are MIT-licensed and accept contributions.

Template command

What is MCP and how does it work with AI agents?

MCP (Model Context Protocol) is a standard that lets AI agents call external tools. WAFtester's built-in MCP server exposes 27 security testing tools that Claude, Copilot, Cursor, n8n, and other AI clients can invoke directly. Instead of copying CLI commands, you tell your AI "scan example.com for SQL injection bypasses" and it calls detect_waf, scan, and assess automatically, reasoning about the results at each step. Setup is one JSON block in your AI client config.

AI integration guide

Can an AI agent run a full security audit autonomously?

Yes. WAFtester ships 7 guided prompts — structured workflows the AI follows end-to-end. security_audit runs a 5-phase audit (detect, discover, scan, assess, report). waf_bypass discovers evasion chains for specific attack categories. spec_security_audit drives testing from your OpenAPI spec. The AI handles tool selection, async polling for long-running scans, result analysis, and report generation with zero human steps after the initial request.

See all 7 guided prompts

Ready to Test Your WAF?

One command to install. One command to scan. Real results in seconds.

$ npx -y @waftester/cli scan -u https://your-app.com --smart

Cheat Sheet Full Docs View on GitHub

WAFtester

Why WAFtester?

WAF-Aware

Quantitative

Fast & Concurrent

CI/CD Native

AI-Native

See It in Action

Your AI Agent's Security Toolkit

One-Line Setup

What It Looks Like

27 tools Your AI Can Use

7 Guided Prompts — Ready-to-Use Workflows

n8n: Nightly WAF Regression in 3 Nodes

Who Is This For?

Pentesters

Security Engineers

DevSecOps Teams

AI Engineers

How It Compares

Works with Your Stack

Output Formats

CI/CD Platforms

AI / MCP Platforms

Protocols

Install in Seconds

Built by Security Engineers

Frequently Asked Questions

Ready to Test Your WAF?