HTTP Enumeration
HTTP (Hypertext Transfer Protocol) is the foundation of data communication on the web. It's used for sending and receiving web pages, images, videos, and other resources between web browsers and servers. HTTP uses port 80 for regular communication and port 443 for secure communication (HTTPS) with encryption. It's what allows us to access and interact with websites.
HTTP - Basic Enumeration
whatwebis a command-line tool used for web fingerprinting and information-gathering. It identifies various aspects of a web application, such as the technologies in use, server details, and software versions.
http: This command is used to open an HTTP connection to the specified target for testing web servers and websites. It can be executed using command-line tools likecURL,Telnet, orNetcat.cURLis a versatile command-line tool for transferring data with URLs. It supports various protocols, including HTTP and HTTPS.
wgetis a command-line utility used for downloading files from the web. It supports various protocols, including HTTP, HTTPS, and FTP, and is capable of handling complex download scenarios like recursive downloads, retries, and more.
lynxis a text-based web browser that operates within the terminal. It allows users to view and navigate web pages without graphical elements, making it useful for low-bandwidth environments, quick site checks, or accessibility testing.
dirbis a command-line tool for web content discovery. It performs a brute-force scan to find hidden directories and files on a web server by trying different paths from a wordlist.
browshis a text-based web browser designed to work in the terminal. It allows users to browse the web in a text-only mode, providing a minimal interface for web navigation and interaction. It supports modern web features like HTML5, CSS3, and JavaScript.
HTTP: msfconsoleEnumeration
msfconsoleEnumerationIn "msfconsole," these commands respectively check HTTP version, perform directory brute-force, and retrieve robots.txt information on a target web server for security assessments:
This command is used to check the HTTP version and other related information from the target web server.
This command performs a directory and file brute-force attack on a web server to discover hidden directories and files.
This command retrieves the
robots.txtfile from the target web server to find potentially sensitive information or hidden directories.
HTTP: Nmap Enumeration Scripts
http-enum - Enumerates directories and files on a web server to find hidden resources.
http-title - Retrieves the title of the web page.
http-methods - Enumerates the HTTP methods supported by the web server.
http-headers - Retrieves HTTP headers from the target web server.
http-robots.txt - Retrieves the robots.txt file from the target web server.
http-screenshot - Takes a screenshot of the web page for visual inspection.
http-vuln-cve2014-3704 - Checks for the Drupal vulnerability CVE-2014-3704.
http-dirmap - Maps directories on a web server based on a specified list.
http-webdav-scan - Scans for WebDAV methods and checks for common WebDAV features.
http-dav-fetch - Fetches WebDAV resources.
http-banners - Retrieves banner information from the target HTTP server.
http-vuln-cve2017-5638 - Checks for the Apache Struts vulnerability CVE-2017-5638.
Hacker's Mantra:Growth hackers are typically computer engineers that build great marketing ideas into the product during the development process. - Ryan Holiday
Last updated
Was this helpful?