WAFtester — WAF Security Testing

Version updated for https://github.com/waftester/waftester-action to version v1.0.48.

• This action is used across all versions by ? repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

The WAFtester GitHub Action automates the testing, fingerprinting, and bypass analysis of Web Application Firewalls (WAFs) within CI/CD workflows. It leverages the WAFtester CLI to perform comprehensive security scans using an extensive library of payloads, vendor signatures, and tamper scripts, generating detailed SARIF reports that are automatically uploaded to GitHub’s Security Code Scanning tab. This action streamlines WAF security assessments, helping developers identify vulnerabilities, bypasses, and improvement opportunities in their web applications.

Release notes

WAFtester Action v1.0.48

Updates bundled CLI to WAFtester 2.9.40.

See CLI changelog for details.

Usage

- uses: waftester/waftester-action@v1
  with:
    target: https://app.example.com

• waftester
• GitHub Actions