Scan a target list of web servers looking for information leakage through Server HTTP headers. Read more about it here on the Raxis blog.
All required libraries are covered in the Python3 standard lib, so cloning this repository should suffice.
The output filename for the resulting data.
A comma separated list of hosts and ports. If no port is given, port 443 is defaulted
Supported formats are csv. Defaults to csv.
python3 server_header_scan.py internal_scan.csv 192.168.0.231,192.168.10.100:8443 --format csv
Contributions for the following features (or others!) are welcome through pull requests:
- Add support for more output file types (e.g. .doc, .xls)
- Add support for both http and https, perhaps simultaneous requests.