Test WAF security interactively with an AI agent and WAFtester MCP

What it does

A conversational AI agent that connects to WAFtester via MCP (Model Context Protocol) for interactive Web Application Firewall security testing. Type natural language requests — the agent picks the right tools, runs the tests, and explains the results.

About WAFtester

WAFtester is an open-source CLI for testing Web Application Firewalls. It ships 27 MCP tools, 2,800+ attack payloads across 18 categories (SQLi, XSS, SSRF, SSTI, command injection, XXE, and more), detection signatures for 26 WAF vendors and 9 CDNs, and enterprise-grade assessment with F1/MCC scoring and letter grades (A+ through F).

GitHub: github.com/waftester/waftester Docs: Installation | Examples | Commands

Who it's for

Security engineers** running ad-hoc WAF assessments Penetration testers** who want AI-assisted reconnaissance and bypass discovery DevSecOps teams** validating WAF coverage before and after deployments API security teams** testing OpenAPI/Swagger specs against WAF rules

How it works

The workflow has four nodes:

Chat Trigger — Opens an n8n chat interface where you type requests in plain English AI Agent — Receives your message, reasons about which tools to call, and orchestrates the testing workflow OpenAI Chat Model — Provides the LLM reasoning layer (GPT-4o recommended; swappable for Anthropic, Ollama, etc.) WAFtester MCP — Connects to the WAFtester server via SSE and exposes all 27 tools to the agent

The agent follows a standard WAF testing workflow:

detect_waf — Fingerprint the WAF vendor and CDN protecting the target discover — Map the attack surface (endpoints, parameters, technologies) from robots.txt, sitemaps, JavaScript, and Wayback Machine learn — Generate a prioritized test plan based on discovery results scan — Fire 2,800+ attack payloads and measure detection vs. bypass rates bypass — Systematic mutation matrix testing to find WAF evasion techniques assess — Generate a formal security grade with F1, precision, MCC, and false positive rate

Long-running operations (scan, assess, bypass, discover, discover_bypasses, event_crawl, scan_spec) run asynchronously — the agent polls for results automatically.

Key capabilities

| Capability | Details | |---|---| | WAF detection | Fingerprint 26 WAF vendors and 9 CDNs from response headers, cookies, and error pages | | Payload scanning | 2,800+ payloads across 18 attack categories | | Bypass discovery | Mutation matrix with 40+ tamper techniques to find WAF evasions | | Enterprise assessment | F1 score, precision, MCC, false positive rate, and A+ through F grading | | API spec testing | Validate, plan, and scan OpenAPI/Swagger/Postman specs | | Headless crawling | Click-driven DOM crawling via headless browser for JS-rendered endpoints | | Knowledge resources | 12 built-in resources covering WAF signatures, evasion techniques, OWASP mappings, and config defaults |

Example prompts

"What WAF is protecting https://example.com?" "Scan https://example.com for SQLi and XSS" "Find WAF bypasses for https://example.com" "Run a full security assessment of https://example.com" "Validate my API spec at https://example.com/openapi.json" "Discover the attack surface of https://example.com"

How to set up

Start WAFtester MCP server: docker run -p 8080:8080 ghcr.io/waftester/waftester:latest mcp --http :8080 Add OpenAI credentials in n8n: Settings → Credentials → New → OpenAI API Select the credential in the OpenAI Chat Model node Activate the workflow and open the chat interface

Alternatively, use the included docker-compose.yml to run both n8n and WAFtester together with docker compose up -d.

Requirements

| Requirement | Details | |---|---| | WAFtester MCP server | Docker image (ghcr.io/waftester/waftester:latest) or binary install for macOS, Linux, Windows | | LLM API key | OpenAI (default), or swap the model node for Anthropic, Ollama, Azure OpenAI, or any LangChain-compatible provider | | Authorization | Only test targets you have explicit written permission to test |

Links

WAFtester website GitHub repository Installation guide Full examples Docker Hub