Metasploit Auxiliaries for Web Application enumeration and scanning

We have already seen some of the auxiliary modules within the Metasploit Framework for enumerating HTTP services in Chapter 4, ;Information Gathering with Metasploit. Next, we'll explore some additional auxiliary modules that can be effectively used for enumeration and scanning web applications:

  • cert: ;This module can be used to enumerate whether the certificate on the target web application is active or expired. ;Its auxiliary module name is auxiliary/scanner/http/cert, the use of which is shown in the following screenshot:

The parameters to be configured are as follows: ...

Get Metasploit for Beginners now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.