Why does NMAP’s Http-Method-Tampering Mark a Server’s 405 Code as Vulnerable?
I recently tested a custom server with the http method tamper script from NMAP. It reported the server as being vulnerable with the following output:
nmap -p 8000 -sV –script http-method-tamper 192.168.68.63
| http-method-tamper:
| VUL…