HTTP server recognition

  • Recon


Identify the server version

nmap

​nmap -sV -script banner x.x.x.x

 

metasploit

auxiliary/scanner/http/http_version

 

File robots

metasploit

auxiliary/scanner/http/robots_txt

 

See headers

metasploit

auxiliary/scanner/http/http_header

 

curl

curl -I http://x.x.x.x

 

Brute force HTTP Auth

metasploit

auxiliary/scanner/http/http_login

 

Authentification

curl

​curl -u user:password http://x.x.x.x

 

Digest

curl --digest -u user:password http://x.x.x.x

 

File Upload

metasploit

auxiliary/scanner/http/http_put