We have already seen some of the auxiliary modules within the Metasploit Framework for enumerating HTTP services in Chapter 4, Information Gathering with Metasploit. Next, we'll explore some additional auxiliary modules that can be effectively used for enumeration and scanning web applications:
- cert: This module can be used to enumerate whether the certificate on the target web application is active or expired. Its auxiliary module name is auxiliary/scanner/http/cert, the use of which is shown in the following screenshot:
The parameters to be configured are as follows: