This plugin finds which HTTP methods are enabled for a URI. Two configurable parameters exist:
If “execOneTime” is set to True, then only the methods in the webroot are enumerated. If “reportDavOnly” is set to True, this plugin will only report the enabled method list if DAV methods have been found. The plugin will try to use the OPTIONS method to enumerate all available methods, if that fails, a manual enumeration is done.
|execOneTime||boolean||True||Execute plugin only one time||Generally the methods allowed for a URL are configured system wide, so executing this plugin only once is the faster choice. The most accurate choice is to run it against every URL.|
|reportDavOnly||boolean||True||Only report findings if uncommon methods are found||No detailed help available|
This plugin has no dependencies.