You will probably find this issue during the manual browsing and spidering phase of your assessment. Nikto and Nessus will also report it during the scanning phase.
Intercepting Web Proxy Output:
Pop up in your browser:
Indication of login
+ / - Requires Authentication for realm
Web Server Uses Basic Authentication Without HTTPS
Plugin ID: 34850
The remote web server contains web pages that are protected by ‘Basic’ authentication over cleartext.
An attacker eavesdropping the traffic might obtain logins and passwords of valid users.
Make sure that HTTP authentication is transmitted over HTTPS.
Include the following information in the final report:
- Name of the website or web application
- A sample request and response
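One way to confirm the finding from a request/response pair captured in the proxy, as an added example (not from the original page or from Nikto or Nessus). The host, realm, credentials and function names are constructed for illustration, and only the username is returned so the password stays out of the report.

```python
import base64
import re
from urllib.parse import urlsplit

# Constructed sample exchange (hypothetical host and credentials), as a proxy would show it.
SAMPLE_URL = "http://intranet.example.test/admin/"
SAMPLE_REQUEST = (
    "GET /admin/ HTTP/1.1\r\n"
    "Host: intranet.example.test\r\n"
    "Authorization: Basic YWxpY2U6czNjcmV0\r\n\r\n"
)
SAMPLE_RESPONSE = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Basic realm="Staff Area"\r\n'
    "Content-Length: 0\r\n\r\n"
)


def headers_of(raw):
    """Return (lowercased name, value) pairs for the headers of a raw HTTP message."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")[1:]  # skip request/status line
    return [(n.strip().lower(), v.strip()) for n, _, v in (l.partition(":") for l in lines)]


def check_basic_over_cleartext(url, raw_request, raw_response):
    """Return a finding dict if Basic auth is used over plain HTTP, else None."""
    if urlsplit(url).scheme.lower() != "http":
        return None  # over HTTPS the header is protected in transit
    realms = []
    for name, value in headers_of(raw_response):
        if name == "www-authenticate":
            # One header may list several challenges; keep only the Basic ones.
            for m in re.finditer(r'(?:^|,)\s*Basic\b(?:\s+realm="([^"]*)")?', value, re.I):
                realms.append(m.group(1) or "")
    user = None
    for name, value in headers_of(raw_request):
        scheme, _, token = value.partition(" ")
        if name == "authorization" and scheme.lower() == "basic":
            # Base64 is an encoding, not encryption: the value decodes directly.
            decoded = base64.b64decode(token).decode("utf-8", "replace")
            user = decoded.partition(":")[0]  # keep the username, drop the password
    if not realms and user is None:
        return None
    # Evidence for the report: where it was seen, which realm, whether credentials were sent.
    return {"url": url, "realms": realms, "credentials_sent": user is not None, "username": user}
```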