nerdexam
EC-Council

312-50V10 · Question #473

Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

The correct answer is D. http-methods. The Nmap NSE script http-methods is specifically designed to enumerate HTTP methods allowed by a web server, such as GET, POST, HEAD, PUT, DELETE, and TRACE.

Hacking Web Servers

Question

Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

Options

  • Ahttp-git
  • Bhttp-headers
  • Chttp enum
  • Dhttp-methods

How the community answered

(27 responses)
  • A
    4% (1)
  • C
    4% (1)
  • D
    93% (25)

Why each option

The Nmap NSE script http-methods is specifically designed to enumerate HTTP methods allowed by a web server, such as GET, POST, HEAD, PUT, DELETE, and TRACE.

Ahttp-git

The http-git script detects exposed .git repositories on web servers, not the HTTP methods the server accepts.

Bhttp-headers

The http-headers script retrieves and displays HTTP response headers from a web server, not the set of allowed HTTP methods.

Chttp enum

The http-enum script enumerates directories, files, and common web application paths on a server, not the HTTP methods supported by that server.

Dhttp-methodsCorrect

The http-methods Nmap script sends test requests to a web server and reports which HTTP methods are permitted, including potentially dangerous ones like PUT, DELETE, and TRACE. This is a standard enumeration technique used during web application assessments to identify misconfigured servers. It directly maps to the described requirement of detecting those specific HTTP verbs.

Concept tested: Nmap NSE HTTP method enumeration script

Source: https://nmap.org/nsedoc/scripts/http-methods.html

Topics

#nmap NSE scripts#HTTP methods#web server scanning#http-methods

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice