HTTP header detection

Let's now try to detect the HTTP headers of the web application. The HTTP header can reveal a lot of information about the application, such as the technology being used, the content length, cookie expiry dates, XSS protection, and more:

1. Navigate to the Modules section and search for http_header:

2. Clicking on the module name will take us to the options page where we can specify the Target Addresses, port number, thread, and so on:

3. After we have configured the settings, we click on Run module and a new task will be launched:

4. When the task completes, we can go to the Analysis tab and, in the Notes section, we will be able to see all the headers discovered by the scanner module:

Next, let's look at web robot page enumeration.