Chapter 4. Auditing Web Servers

Note

This chapter shows you how to do some things that in many situations might be illegal, unethical, a violation of the terms of service, or just not a good idea. It is provided here to give you information that may be of use to protect yourself against threats and make your own system more secure. Before following these instructions, be sure you are on the right side of the legal and ethical line... use your powers for good!

In this chapter we will cover:

  • Listing supported HTTP methods
  • Checking if an HTTP proxy is open
  • Discovering interesting files and directories on various web servers
  • Brute forcing HTTP authentication
  • Abusing mod_userdir to enumerate user accounts
  • Testing default credentials in web applications
  • Brute-force ...

Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.