HTTP headers are the name-value fields exchanged with every HTTP request and response. They describe the connection being used (keep-alive, encoding, caching) as well as the resource being requested or returned (content type, length, last modification).
These simple fields can also help an attacker tailor an attack, because they leak details about the web platform. For example, if the server announces its product name and version in the Server or X-Powered-By header, an attacker can look up known issues for exactly that version and craft an attack against it. This is often called vulnerability mapping (or fingerprinting). Suppressing such version strings reduces the exposure but is hygiene only; it does not fix an outdated component.
In addition to the ordinary headers defined in the HTTP specification, applications, frameworks, proxies and CDNs frequently add custom headers (often prefixed with X-) to transfer data between components, control caching or routing behavior, or identify the back-end that handled the request.
Invicti collects a list of all the unusual or customized HTTP headers during a security scan of the target web application. This information can help security professionals reveal more information about the target web application and the environment in which it runs. This information is also very beneficial for QA teams, as it helps them discover any legacy or unused components.
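The following is an added example, not Invicti's code, showing the classification described above: given a raw HTTP response, it separates out headers that are not defined in the HTTP specification (custom headers) and extracts product/version strings from headers that commonly disclose them. The list of standard headers, the version-bearing header names and the two sample responses are constructed for this example.

```python
"""Added example (not Invicti's implementation): flag custom and version-disclosing
HTTP response headers from raw response text. All inputs are constructed inline."""
import re

# Assumption: a subset of response headers treated as "ordinary". The HTTP RFCs
# define many more; extend this set to fit the scanner's notion of standard.
STANDARD_HEADERS = {
    "accept-ranges", "age", "allow", "cache-control", "connection",
    "content-encoding", "content-language", "content-length", "content-location",
    "content-type", "date", "etag", "expires", "last-modified", "location",
    "pragma", "retry-after", "server", "set-cookie", "transfer-encoding", "vary",
    "via", "www-authenticate",
    # de-facto standard security headers, not in the core HTTP RFCs
    "strict-transport-security", "content-security-policy",
    "x-frame-options", "x-content-type-options",
}

# Headers whose values commonly carry "<product>/<version>" tokens.
VERSION_HEADERS = {"server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version", "via"}

# Matches tokens such as Apache/2.4.1, PHP/5.6.40, OpenSSL/1.0.2
VERSION_RE = re.compile(r"([A-Za-z][\w.\-]*)/(\d+(?:\.\d+)+)")


def parse_headers(raw):
    """Return [(name_lowercase, value)] from raw response text (status line + headers).
    Body, if any, is cut off at the first blank line."""
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]
    headers = []
    for line in head.splitlines()[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def find_interesting_headers(raw):
    """Classify headers into custom (non-standard) ones and version disclosures.
    Returns {"custom": [(name, value)], "versions": [(name, product, version)]}."""
    custom, versions = [], []
    for name, value in parse_headers(raw):
        if name not in STANDARD_HEADERS:
            custom.append((name, value))
        if name in VERSION_HEADERS:
            for product, version in VERSION_RE.findall(value):
                versions.append((name, product, version))
    return {"custom": custom, "versions": versions}


# Constructed sample: a chatty server that discloses versions and a back-end name.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Tue, 01 Jan 2030 00:00:00 GMT\r\n"
    "Server: Apache/2.4.1 (Unix) OpenSSL/1.0.2\r\n"
    "X-Powered-By: PHP/5.6.40\r\n"
    "X-Backend-Server: app-03.internal\r\n"
    "Content-Type: text/html\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Constructed sample: a hardened server that gives nothing away.
CLEAN_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Tue, 01 Jan 2030 00:00:00 GMT\r\n"
    "Server: nginx\r\n"
    "Content-Type: text/html\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for label, raw in (("chatty", SAMPLE_RESPONSE), ("clean", CLEAN_RESPONSE)):
        result = find_interesting_headers(raw)
        print(label, "custom headers:", result["custom"])
        print(label, "version disclosures:", result["versions"])
```

Run against a real target by replacing SAMPLE_RESPONSE with the output of a raw request (for example `curl -si https://host/`); the classification is only as good as the STANDARD_HEADERS set, so review anything it reports before treating it as a finding.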
Once the scan is completed, all interesting headers are listed under the Interesting Headers node in the Knowledge Base. You can access the same information in the Knowledge Base Report and Knowledge Base Tab.
Invicti forms Knowledge Base nodes on its findings. If the Interesting Headers node is not listed, it means that Invicti did not find any.
How to View the Interesting Headers Node in Invicti Enterprise
- Log in to Invicti Enterprise.
- From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
- Next to the relevant website, click Report.
- From the Technical Report section, click the Knowledge Base tab.
- Click the Interesting Headers node. The information is displayed in an Interesting Headers tab.
How to View the Interesting Headers Node in Invicti Standard
- Open Invicti Standard.
- Start a Scan or open a previously saved scan.
- The Knowledge Base is displayed to the right of the Scan Summary Dashboard. If it is hidden, display it again using the Knowledge Base icon on the View tab of the ribbon. Alternatively, click the Reset Layout icon on the View tab, then close the Activity, Progress and Logs panes to give the Knowledge Base maximum viewing space.
- Ensure that the Knowledge Base Viewer is also displayed. If it is hidden, display it again using the Knowledge Base Viewer button on the View tab.
- Click the Interesting Headers node in the Knowledge Base. All detected Interesting Headers are displayed in the Knowledge Base Viewer.