HTTP server recognition
- Recon
Identify the server version
nmap
nmap -sV -script banner x.x.x.x
metasploit
auxiliary/scanner/http/http_version
File robots
metasploit
auxiliary/scanner/http/robots_txt
See headers
metasploit
auxiliary/scanner/http/http_header
curl
curl -I http://x.x.x.x
Brute force HTTP Auth
metasploit
auxiliary/scanner/http/http_login
Authentification
curl
curl -u user:password http://x.x.x.x
Digest
curl --digest -u user:password http://x.x.x.x
File Upload
metasploit
auxiliary/scanner/http/http_put