Apache Range header vulnerability script
I wrote an upgraded variant of the Apache killer script propagated on Full Disclosure capable of HTTPS requests. Also, other than its descendant, it can follow a server’s initial response for redirection which the original script interprets as the server not being vulnerable.
Script is available here: [Download not found]
This script merely checks for vulnarabilities but will not exploit them.