Just published a post on how you can set up an open source security scanner ( #owasp ZED attack proxy) for your file transfer server https://www.sftpplus.com/articles/2018/sftpplus-mft-security-scan-post.html which uses HTTP(S) authentication.


You can adapt to fit your own server.