Web vulnerability scanning modules in Metasploit
Information gathering web server scanning module
- Module auxiliary/scanner/http/http_version
- Module auxiliary/scanner/http/open_proxy
- Module auxiliary/scanner/http/robots_txt
- Module auxiliary/scanner/http/frontpage_login
- Module auxiliary/admin/http/tomcat_administration
- Module auxiliary/admin/http/tomcat_utf8_traversal
- Module auxiliary/scanner/http/options
- Module auxiliary/scanner/http/drupal_views_user_enum
- Module auxiliary/scanner/http/scraper
- Module auxiliary/scanner/http/svn_scanner
- Module auxiliary/scanner/http/trace
- Module auxiliary/scanner/http/vhost_scanner
- Module auxiliary/scanner/http/webdav_internal_ip
- Module auxiliary/scanner/http/webdav_scanner
- Module auxiliary/scanner/http/webdav_website_content
File directory scan module
- Module auxiliary/dos/http/apache_range_dos
- Module auxiliary/scanner/http/backup_file
- Module auxiliary/scanner/http/brute_dirs
- Module auxiliary/scanner/http/copy_of_file
- Module auxiliary/scanner/http/dir_listing
- Module auxiliary/scanner/http/dir_scanner
- Module auxiliary/scanner/http/dir_webdav_unicode_bypass
- Module auxiliary/scanner/http/file_same_name_dir
- Module auxiliary/scanner/http/files_dir
- Module auxiliary/scanner/http/http_put
- Module auxiliary/scanner/http/ms09_020_webdav_unicode_bypass
- Module auxiliary/scanner/http/prev_dir_same_name_file
- Module auxiliary/scanner/http/replace_ext
- Module auxiliary/scanner/http/soap_xml
- Module auxiliary/scanner/http/trace_axd
- Module auxiliary/scanner/http/verb_auth_bypass
Web application vulnerability scanning module
- Module auxiliary/scanner/http/blind_sql_query
- Module auxiliary/scanner/http/error_sql_injection
- Module auxiliary/scanner/http/http_traversal
- Module auxiliary/scanner/http/rails_mass_assignment
- Module exploit/multi/http/lcms_php_exec