How to detect the presence of AWS WAF that is associated with an ALB?

Does anyone know how i can detect the presence of AWS WAF that is associated with an alb? I essentially jsut want some way to identify there is indeed a firewall infront of it

It would show up under “associated AWS resources” in the WAF Console

Ye sure i can see it there

I guess a mroe specific question would be how can i determine it using some external source

Totally not the question of an attacker :smirk:

But serious: isn’t it kind of a design principle, that it’s invisible from the outside?

No~ i literally just want to test if the WAF that has an associated alb is working

Invisibility isn’t really a priority, but it shouldn’t exactly be going out of it’s way to advertise it’s there.

I came across this - https://github.com/EnableSecurity/wafw00f

it works for my cloudfront apps, but doesnt detect it for my alb

So ye im just looking for a way to test its there

Oh turns out the above tool i linked, does actually work, i might have tried it a little too soon after applying the waf

The usual “it takes a while”-issue :sweat_smile:

Ye :face_palm::skin-tone-2: