Getting ready

The HTTP SSL Certificate Checker auxiliary module will check the certificate of the specified web servers to ensure the subject and issuer match the supplied pattern, and that the certificate is not expired.

The HTTP Robots.txt Content Scanner auxiliary module will search for robots.txt files and analyze their content.

If the PUT method can be used by any unauthenticated remote user, arbitrary web pages can be inserted into the web root, possibly leading to a deface or even remote code execution, or the disk can be filled with meaningless data, resulting in a denial of service attack.

The Jenkins-CI Enumeration HTTP auxiliary module enumerates a remote Jenkins-CI installation without authentication, including host operating system and Jenkins installation details.