Test WAF security interactively with an AI agent and WAFtester MCP
What it does A conversational AI agent that connects to [WAFtester](https://waftester.com) via MCP (Model Context Protocol) for interactive Web Application Firewall security testing. Type natural language requests — t...
Template notes
What it does
A conversational AI agent that connects to [WAFtester](https://waftester.com) via MCP (Model Context Protocol) for interactive Web Application Firewall security testing. Type natural language requests — the agent picks the right tools, runs the tests, and explains the results.
About WAFtester
[WAFtester](https://waftester.com) is an open-source CLI for testing Web Application Firewalls. It ships 27 MCP tools, 2,800+ attack payloads across 18 categories (SQLi, XSS, SSRF, SSTI, command injection, XXE, and more), detection signatures for 26 WAF vendors and 9 CDNs, and enterprise-grade assessment with F1/MCC scoring and letter grades (A+ through F).
- GitHub: [github.com/waftester/waftester](https://github.com/waftester/waftester) - Docs: [Installation](https://github.com/waftester/waftester/blob/main/docs/INSTALLATION.md) | [Examples](https://github.com/waftester/waftester/blob/main/docs/EXAMPLES.md) | [Commands](https://github.com/waftester/waftester/blob/main/docs/COMMANDS.md)
Who it's for
- Security engineers running ad-hoc WAF assessments - Penetration testers who want AI-assisted reconnaissance and bypass discovery - DevSecOps teams validating WAF coverage before and after deployments - API security teams testing OpenAPI/Swagger specs against WAF rules
How it works