import requests
import re
def target_url(scan_url):
xssstring = '<script>alert(1)</script>'
response = requests.get(scan_url)
head = response.headers
#print(head)
#print(head.values())
for i in head.values():
if re.search('.*__jsluid',i):
print(scan_url+':该网站用的知道创宇家的waf')
return
if __name__ == '__main__':
scan_url=input("请输入网址:")
target_url(scan_url)
简单的说就是想办法让目标域名告警,正则匹配响应包里的关键词