Scanning Webservers with Nikto for vulnerabilities Kali Linux
iSpeech
This video shows you how to scan webservers for vulnerabilities using Nikto in Kali Linux. Nikto is a webserver assessment tool to find potential problems and vulnerabilities. Nikto comes standard as a tool with Kali Linux.
Nice feature in Nikto is the possibility to define the test using the -Tuning parameter:
0 - File Upload
1 - Interesting File / Seen in logs
2 - Misconfiguration / Default File
3 - Information Disclosure
4 - Injection (XSS/Script/HTML)
5 - Remote File Retrieval - Inside Web Root
6 - Denial of Service
7 - Remote File Retrieval - Server Wide
8 - Command Execution / Remote Shell
9 - SQL Injection
a - Authentication Bypass
b - Software Identification
c - Remote Source Inclusion
x - Reverse Tuning Options (i.e., include all except specified)
Check out the full hacking tutorial here: https://www.hackingtutorials.org/web-application-hacking/scanning-webservers-vulnerabilities-with-nikto/
Thanks for watching and please subscribe to my channel 🙂
2015-05-30 12:26:44
source
Gloss