The Hypertext Transfer Protocol (HTTP) is the most common protocol used for serving web content. By default, it runs on port 80. Enumerating HTTP can reveal a lot of interesting information, including the applications it is serving.
Nikto is a specialized tool for enumerating the HTTP service and is part of the default Kali Linux installation. The following screenshot shows various available options in the Nikto tool:
We can enumerate an HTTP target using the nikto -host <target IP address> command, as shown in the following screenshot:
Nmap can also be effectively used for enumerating HTTP. The following screenshot shows HTTP enumeration performed using Nmap script. The syntax is as follows:
nmap --script http-enum <Target IP address>
The output of the http-enum Nmap script shows server information along with various interesting directories that can be further explored.