Porta 80 in pentest lab: scan, fingerprint HTTP, vhost enum, directory brute force, misconfig e detection. Workflow con Nmap/ffuf/curl.