Apache Range header vulnerability script

I wrote an upgraded variant of the Apache killer script propagated on Full Disclosure capable of HTTPS requests. Also, other than its descendant, it can follow a server’s initial response for redirection which the original script interprets as the server not being vulnerable.

Script is available here: Apache Vulnerability Check (2395)

This script merely checks for vulnarabilities but will not exploit them.

Leave a Reply

Your email address will not be published. Required fields are marked *