This is pretty much anywhere a hacker will attempt to attack and could include things such as network-exposed printers and a web server. Nikto is actually more like a laser pointer to call in a much larger strike, and you'll see how that plays out in a little bit.įirst, let's talk about the target surface. If you just run Nikto by itself on a targeted website, you may not know what to do with the information from the scan. Don't Miss: Use Metasploit's WMAP to Scan Web Apps for Vulnerabilities.Initially designed for security testing, stealth was never a concern.
Any site with an intrusion-detection system or other security measures in place will detect that it's being scanned.
Also, it's one of the most widely used website vulnerabilities tools in the industry, and in many circles, considered the industry standard.Īlthough this tool is extremely effective, it's not stealthy at all. Nikto is a simple, open-source web server scanner that examines a website and reports back vulnerabilities that it found which could be used to exploit or hack the site. After they've used some good recon and found the right places to point their scope at, they'll use a web server scanning tool such as Nikto for hunting down vulnerabilities that could be potential attack vectors. Before attacking any website, a hacker or penetration tester will first compile a list of target surfaces.
0 kommentar(er)
