工具--metasploit模块

web服务器信息扫描模块

---

Module auxiliary/scanner/http/http_version

Module auxiliary/scanner/http/open_proxy

Module auxiliary/scanner/http/robots_txt

Module auxiliary/scanner/http/frontpage_login

Module auxiliary/admin/http/tomcat_administration

Module auxiliary/admin/http/tomcat_utf8_traversal

Module auxiliary/scanner/http/options

Module auxiliary/scanner/http/drupal_views_user_enum

Module auxiliary/scanner/http/scraper

Module auxiliary/scanner/http/svn_scanner

Module auxiliary/scanner/http/trace

Module auxiliary/scanner/http/vhost_scanner

Module auxiliary/scanner/http/webdav_internal_ip

Module auxiliary/scanner/http/webdav_scanner

Module auxiliary/scanner/http/webdav_website_content

文件目录扫描模块

---

Module auxiliary/dos/http/apache_range_dos

Module auxiliary/scanner/http/backup_file

Module auxiliary/scanner/http/brute_dirs

Module auxiliary/scanner/http/copy_of_file

Module auxiliary/scanner/http/dir_listing

Module auxiliary/scanner/http/dir_scanner

Module auxiliary/scanner/http/dir_webdav_unicode_bypass

Module auxiliary/scanner/http/file_same_name_dir

Module auxiliary/scanner/http/files_dir

Module auxiliary/scanner/http/http_put

Module auxiliary/scanner/http/ms09_020_webdav_unicode_bypass

Module auxiliary/scanner/http/prev_dir_same_name_file

Module auxiliary/scanner/http/replace_ext

Module auxiliary/scanner/http/soap_xml

Module auxiliary/scanner/http/trace_axd

Module auxiliary/scanner/http/verb_auth_bypass

web应用程序漏洞扫描模块

---

Module auxiliary/scanner/http/blind_sql_query

Module auxiliary/scanner/http/error_sql_injection

Module auxiliary/scanner/http/http_traversal

Module auxiliary/scanner/http/rails_mass_assignment

Module exploit/multi/http/lcms_php_exec