I've had a case where non-HTTP services (like SSH) were listening on HTTP ports (i.e. 80, 443). When this happens OWTF gets stuck forever since many of the tools launched will get stuck.
To avoid this, OWTF should be smarter and indicate that "this host does not speak HTTP" or similar and avoid running all the tests afterwards.
This check might perhaps be best implemented as a basic "GET / HTTP/1.1" request that most HTTP sites should have no option other than accept :).
I've had a case where non-HTTP services (like SSH) were listening on HTTP ports (i.e. 80, 443). When this happens OWTF gets stuck forever since many of the tools launched will get stuck.
To avoid this, OWTF should be smarter and indicate that "this host does not speak HTTP" or similar and avoid running all the tests afterwards.
This check might perhaps be best implemented as a basic "GET / HTTP/1.1" request that most HTTP sites should have no option other than accept :).