Monday, December 10, 2012

Scanning Web Servers With Nikto

Nikto is a tool written in Perl that performs tests against web servers in order to identify potential vulnerabilities. Nikto can be used in web application penetration tests and in some cases can produce juicy results. Specifically, if a system administrator has not configured the web server well, and the web server is out of date or misconfigured, Nikto is capable of finding these issues.
For the purposes of this article we will use Nikto to scan the web server where DVWA (Damn Vulnerable Web Application) is hosted. Before starting the scan it is always good practice to perform an update to obtain the latest plugins. This can be achieved with the -update parameter.
