workflows.fit
Back to n8n workflows
n8n templateFreeBy Qandil

Test WAF security interactively with an AI agent and WAFtester MCP

What it does A conversational AI agent that connects to [WAFtester](https://waftester.com) via MCP (Model Context Protocol) for interactive Web Application Firewall security testing. Type natural language requests — t...

AILangchainCore NodesChat TriggerAgentMcp Client ToolLm Chat Open Ai
Loading interactive preview...

Template notes

What it does

A conversational AI agent that connects to [WAFtester](https://waftester.com) via MCP (Model Context Protocol) for interactive Web Application Firewall security testing. Type natural language requests — the agent picks the right tools, runs the tests, and explains the results.

About WAFtester

[WAFtester](https://waftester.com) is an open-source CLI for testing Web Application Firewalls. It ships 27 MCP tools, 2,800+ attack payloads across 18 categories (SQLi, XSS, SSRF, SSTI, command injection, XXE, and more), detection signatures for 26 WAF vendors and 9 CDNs, and enterprise-grade assessment with F1/MCC scoring and letter grades (A+ through F).

- GitHub: [github.com/waftester/waftester](https://github.com/waftester/waftester) - Docs: [Installation](https://github.com/waftester/waftester/blob/main/docs/INSTALLATION.md) | [Examples](https://github.com/waftester/waftester/blob/main/docs/EXAMPLES.md) | [Commands](https://github.com/waftester/waftester/blob/main/docs/COMMANDS.md)

Who it's for

- Security engineers running ad-hoc WAF assessments - Penetration testers who want AI-assisted reconnaissance and bypass discovery - DevSecOps teams validating WAF coverage before and after deployments - API security teams testing OpenAPI/Swagger specs against WAF rules

How it works