WAFtester — WAF Security Testing
Version updated for https://github.com/waftester/waftester-action to version v1.0.57.
- This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The WAFtester GitHub Action integrates Web Application Firewall (WAF) testing into CI/CD workflows by automating the process of testing, fingerprinting, and bypassing WAFs. It leverages the WAFtester CLI to perform comprehensive scans using a wide array of payloads, tamper scripts, and vendor signatures. The action generates SARIF reports with detailed findings, uploads them to GitHub’s Code Scanning dashboard, and provides actionable insights, enabling teams to identify and address WAF vulnerabilities efficiently.
Release notes
WAFtester Action v1.0.57
Updates bundled CLI to WAFtester 2.9.49.
See CLI changelog for details.
Usage
- uses: waftester/waftester-action@v1
  with:
    target: https://app.example.com