312-50V10 · Question #473
Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?
The correct answer is D. http-methods. The Nmap NSE script http-methods is specifically designed to enumerate HTTP methods allowed by a web server, such as GET, POST, HEAD, PUT, DELETE, and TRACE.
Question
Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?
Options
- Ahttp-git
- Bhttp-headers
- Chttp enum
- Dhttp-methods
How the community answered
(27 responses)- A4% (1)
- C4% (1)
- D93% (25)
Why each option
The Nmap NSE script http-methods is specifically designed to enumerate HTTP methods allowed by a web server, such as GET, POST, HEAD, PUT, DELETE, and TRACE.
The http-git script detects exposed .git repositories on web servers, not the HTTP methods the server accepts.
The http-headers script retrieves and displays HTTP response headers from a web server, not the set of allowed HTTP methods.
The http-enum script enumerates directories, files, and common web application paths on a server, not the HTTP methods supported by that server.
The http-methods Nmap script sends test requests to a web server and reports which HTTP methods are permitted, including potentially dangerous ones like PUT, DELETE, and TRACE. This is a standard enumeration technique used during web application assessments to identify misconfigured servers. It directly maps to the described requirement of detecting those specific HTTP verbs.
Concept tested: Nmap NSE HTTP method enumeration script
Source: https://nmap.org/nsedoc/scripts/http-methods.html
Topics
Community Discussion
No community discussion yet for this question.