Description: In This Video You will learn how to use Nikto tool for Scanning the Web server.
Nickto :- Nikto is an Open Source web server scanner tool. Nikto is written by Chris Sullo and David Lodge. In this video we will scan on apache server and Ubuntu 11.04.
Feature :-
• SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's
Perl/NetSSL)
• Full HTTP proxy support
• Checks for outdated server components
• Save reports in plain text, XML, HTML, NBE or CSV
• Template engine to easily customize reports
• Scan multiple ports on a server, or multiple servers via input file (including nmap output)
• LibWhisker's IDS encoding techniques
• Easily updated via command line
• Identifies installed software via headers, favicons and files
• Host authentication with Basic and NTLM
• Subdomain guessing
• Apache and cgiwrap username enumeration
• Mutation techniques to "fish" for content on web servers
• Scan tuning to include or exclude entire classes of vulnerability
checks
• Guess credentials for authorization realms (including many default id/pw combos)
• Authorization guessing handles any directory, not just the root
directory
• Enhanced false positive reduction via multiple methods: headers,
page content, and content hashing
• A "single" scan mode that allows you to craft an HTTP request by
hand
• Reports "unusual" headers seen
• Interactive status, pause and changes to verbosity settings
http://cirt.net
Source :- NetcladSecurity Posted This Video On Youtube.
Tags: scanning , web-server , nikto ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.