DETECTION OVERVIEW
Risk Factors
Attackers can easily perform an HTTP method scan to learn if a website contains vulnerabilities that help the attacker bypass security controls. While this scan typically does not negatively affect the website, this technique helps attackers find information to take the next step in an attack campaign.
The system might change the risk score for this detection.
Kill Chain
Risk Score
37
HTTP methods such as GET and POST enable website visitors and administrators to perform actions on a web server. But some HTTP methods are considered risky because they could enable an attacker to modify data or steal credentials from a server. While most websites have security controls for risky methods such as DELETE, PUT, CONNECT, and TRACE, these controls are not comprehensive and could allow arbitrary methods to get through. To confirm whether an attacker can bypass security controls, multiple requests with arbitrary or invalid methods are sent to a web server. If the web server allows these invalid methods, then the attacker learns about potential vulnerabilities to exploit.
Configure web servers to only allow HTTP methods that are required.
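The method scan described above can be spotted in web server access logs. The following is an added example, not code from the original page or from the product that raises this detection: it flags clients that send several distinct unrecognized methods and records which of those the server did not reject. The log lines are constructed, and the threshold of 3, the set of rejecting status codes, and the function name are assumptions.

```python
import re
from collections import defaultdict

# Methods defined in RFC 9110, plus PATCH (RFC 5789). Method names are case-sensitive.
KNOWN_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE",
                 "CONNECT", "OPTIONS", "TRACE", "PATCH"}
REJECTED = {400, 405, 501}   # assumed: statuses meaning the server refused the method
THRESHOLD = 3                # assumed: distinct unknown methods per client before flagging

LOG_RE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>\S+) \S+[^"]*" (?P<status>\d{3}) ')

# Constructed sample lines in common log format, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GTE /index.html HTTP/1.1" 400 0
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "FOO / HTTP/1.1" 405 0
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "BAR / HTTP/1.1" 405 0
203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "JEFF / HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "ASDF / HTTP/1.1" 200 512
198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "POST /login HTTP/1.1" 302 0
"""

def find_method_scans(log_text, threshold=THRESHOLD):
    """Return {client: {"methods": [...], "accepted": [...]}} for likely scanners."""
    seen = defaultdict(set)      # client -> distinct unknown methods sent
    accepted = defaultdict(set)  # client -> unknown methods the server did not refuse
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] in KNOWN_METHODS:
            continue
        seen[m["client"]].add(m["method"])
        if int(m["status"]) not in REJECTED:
            accepted[m["client"]].add(m["method"])
    # A single typo is noise; several distinct unknown methods suggests a scan.
    return {c: {"methods": sorted(ms), "accepted": sorted(accepted[c])}
            for c, ms in seen.items() if len(ms) >= threshold}

if __name__ == "__main__":
    for client, info in find_method_scans(SAMPLE_LOG).items():
        print(client, "tried", info["methods"], "server accepted", info["accepted"])
```

A non-empty `accepted` list is the case that needs follow-up, because it means the server processed a method it should have refused.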