All Questions
6
questions
3
votes
2
answers
7k
views
Nmap not following redirect when using "http-title" script
I am trying to scan a bunch of IPs for their http-title.
Now the problem I have is that nmap pretty much never follows any redirects.
Usually the title I want is behind that redirect though.
For ...
2
votes
1
answer
2k
views
Result disparity between nmap and curl/nc for TRACE method
By using nc or curl I get HTTP status code 405 for TRACE requests, but if I scan my site with NMAP, it seems that TRACE is enabled. Could someone explain to me if TRACE is correctly disabled or not?
...
1
vote
1
answer
3k
views
Unable to use PUT method on server seemingly allowing PUT [closed]
I've just scanned a target and noticed that HTTP PUT is allowed.
So, just to verify I used nmap:
# nmap --script http-methods <IP>
Starting Nmap 7.25BETA2 ( https://nmap.org ) at 2016-11-11 ...
0
votes
3
answers
5k
views
How to find out what websites are associated with an IP that has port 80 open?
New to security, so please forgive my ignornance - I have a machine with port 80 open, and I found the following information:
Starting Nmap 7.01 ( https://nmap.org ) at 2016-09-29 23:46 EDT
Nmap scan ...
1
vote
0
answers
7k
views
'http_login' metasploit module isn't able to Brute Force the target. Any suggestions? [closed]
I'm trying to Brute force the http Basic authentication on the domain
pentesteracademylab.appspot.com
The complete path is
pentesteracademylab.appspot.com/lab/webapp/basicauth
I'm using the ...
2
votes
1
answer
8k
views
Testing Basic Authentication with ncrack
I'm conducting some basic pen testing against a page protected with Basic Authentication. I've sucessfully tested with Medusa and Hydra but am struggling to get the syntax correct for ncrack.
The ...