File http-vhosts
Script types:
portrule
Categories:
discovery, intrusive
Download: http://nmap.org/svn/scripts/http-vhosts.nse
User Summary
Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames.
Each HEAD request provides a different
Host header. The hostnames come from a built-in default
list. Shows the names that return a document. Also shows the location of
redirections.
The domain can be given as the http-vhosts.domain argument or
deduced from the target's name. For example when scanning www.example.com,
various names of the form <name>.example.com are tried.
Script Arguments
http-max-cache-size, http.pipeline, http.useragent
See the documentation for the http library.Example Usage
nmap --script http-vhosts -p 80,8080,443 <target>
Requires
Author: Carlos Pantelides
License: Same as Nmap--See http://nmap.org/book/man-legal.html
