[ Thanks to An Anonymous Reader for
this link. ]
“The new module, called “page_collector,” takes a range of hosts
in the typical RHOSTS fashion and checks a user-definable list of
ports for web services using both HTTP and HTTPS. Each successfully
identified web server then gets a corresponding iFrame in an output
file.“The result is a single HTML document that, when loaded by the
attacker, presents them with an easy to view list of hosts.”