cURL is a command line tool to get or send the data using the URL syntax and is compatible with various well-known protocols (HTTPS, FTP, SCP, LDAP, Telnet etc.) along with command line (CLI) options for performing various tasks (Eg: User authentication , FTP uploading , SSL connections etc). The cURL utility by default comes installed in most of the distributions. However if in case, cURL is not installed, then we can install the same via apt-get install curl command. For more details refer the below URL
Through the cURL command we can identify the HTTP Options available on the target URL as follows :
curl -v -X OPTIONS http://192.168.1.109
The screenshot displays the various types of allowed HTTP methods (GET, HEAD, POST, OPTIONS, TRACE), apart from other server-specific information (Server response, version details etc)
Nikto is a Web server scanner that tests Web servers for dangerous files/CGIs, outdated server software and other issues. It performs generic and server types of specific checks.
Through the Nikto command we can identify the HTTP Options available on the target URL as follows :
nikto -h 192.168.1.109
The screenshot displays the various types of allowed HTTP methods (GET, HEAD, POST, OPTIONS, TRACE), apart from another detailed server specific information (Server response, version details etc)
Nmap is a free and open-source security scanner, used to discover hosts and services on the network. This is another method of checking which HTTP methods are enabled by using an NMAP script called http-methods.nse, which can be obtained from https://nmap.org/nsedoc/scripts/http-methods.html .
Let us use NMAP command to enumerate all of the HTTP methods supported by a web server on the target URL as follows :
nmap --script http-methods --script-args http-method.test-all ='/192.168.1.109' 192.168.1.109
The screenshot displays the various types of allowed HTTP methods (GET, HEAD, POST, OPTIONS, TRACE) along with highlighting the potential risk methods (i.e TRACE) out of them.
Netcat is a utility tool having the capability to write and read data across TCP and UDP network connections, along with features like in-built port scanning, network debugging and file transfer etc.
Through the Netcat command we can identify the HTTP Options available on the target URL as follows :
nc 192.168.1.109 80
Press enter and the following options appear in the command line. Enter the server details as follows (and as highlighted in red )
OPTIONS http://192.168.1.109 / HTTP/1.0 host:192.168.1.109
The screenshot displays the various types of allowed HTTP methods (GET, HEAD, POST, OPTIONS, TRACE), apart from other server-specific information (Server response, version details etc)
