O'Reilly logo

Metasploit Revealed: Secrets of the Expert Pentester by Nipun Jaswal, Sagar Rahalkar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Metasploit Auxiliaries for Web Application enumeration and scanning

We have already seen some of the auxiliary modules within the Metasploit Framework for enumerating HTTP services in Chapter 4, ;Information Gathering with Metasploit. Next, we'll explore some additional auxiliary modules that can be effectively used for enumeration and scanning web applications:

  • cert: ;This module can be used to enumerate whether the certificate on the target web application is active or expired. ;Its auxiliary module name is auxiliary/scanner/http/cert, the use of which is shown in the following screenshot:

The parameters to be configured are as follows: ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required