gotestwaf ☆

« Back to VersTracker

Description:
Tool for API and OWASP attack simulation

Type: Formula | Tracked Since: Dec 28, 2025

Links: Homepage | formulae.brew.sh

Category: Security

Tags: security waf testing api-security pentesting

Install: brew install gotestwaf

About:
GoTestWAF is a specialized security testing tool designed to evaluate the effectiveness of Web Application Firewalls (WAFs) and API security solutions. It simulates a wide range of OWASP Top 10 attacks and bypass techniques to identify vulnerabilities. The tool provides detailed reports to help security teams harden their defenses against sophisticated threats.

Key Features:

Supports numerous attack vectors including SQLi, XSS, and command injection
Tests for WAF bypass techniques using various encoding methods
Generates comprehensive and easy-to-read security reports
Written in Go for high performance and easy deployment

Use Cases:

Validating WAF configuration and effectiveness before deployment
Conducting regular security audits on existing API endpoints
Red team exercises to simulate real-world attack scenarios

Alternatives:

Nikto – Nikto is a broader web server scanner, while GoTestWAF is specifically focused on WAF and API security validation.
OWASP ZAP – ZAP is a full-featured integrated penetration testing tool, whereas GoTestWAF is a more specialized, command-line utility for WAF testing.

Version History

Detected	Change	Commit
Oct 9, 2025 4:51pm	VERSION_BUMP	ccb8b135
Sep 12, 2025 12:45pm	VERSION_BUMP	24e6d370
Sep 12, 2024 5:45am	VERSION_BUMP	0e891427
Aug 30, 2024 9:40am	VERSION_BUMP	d33c78fb
Aug 26, 2024 6:34pm	VERSION_BUMP	94e95dcd
Aug 21, 2024 1:18pm	VERSION_BUMP	48d1b9d9
Jul 26, 2024 12:35pm	VERSION_BUMP	97c3e73e
Nov 28, 2023 7:50pm	VERSION_BUMP	cd112df5
Nov 28, 2023 9:57am	VERSION_BUMP	b2a5cea3
Nov 10, 2023 11:43am	VERSION_BUMP	f6ebe522
Oct 2, 2023 6:30am	VERSION_BUMP	42e2de82
Sep 12, 2023 3:20pm	VERSION_BUMP	9e57159e