Yea, you read that right. Three commands and you can run a pen-test on your website/webserver. So, how?

kelvin@home:~$ sudo apt-get install nikto
kelvin@home:~$ sudo nikto -update
kelvin@home:~$ nikto -h www.thoughtdeposit.net

As you can see, Nikto is a web server scanner that apparently checks for over 3200 dangerous files/vulnerabilities. Additional features are listed on the Nikto website, and you will certainly want to add this old gem to your webserver toolbelt as soon as possible.

2 Responses to “Three Little Commands and a Pen-Test”

  1. Ian Says:

    Nice uncategorized post ;)
    I prefer nikto -h www.kelvinism.com, personally.

    I don’t 100% trust all the output from nikto; some of the “vulnerabilities” it found were for pages that don’t exist. Still, it’s definitely a good start.

  2. Kelvin Says:

    Yea, I’ll admit, it is time for me to do some fall cleaning. And yes, it is a little on the false-positive side.
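
An added example, not part of the original post or its comments: one way to triage the false positives discussed above is to re-request each path Nikto reports and compare the answer with what the server returns for a random path that cannot exist. The report lines, `fake_fetch` and the function names are constructed for illustration, and the line format is assumed to follow Nikto's plain-text `+ /path: message` output.

```python
import re
import secrets

# Constructed sample, shaped like Nikto's plain-text "+ ..." finding lines.
SAMPLE_REPORT = """\
+ Server: Apache
+ /admin/: This might be interesting.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /backup.tar: Potentially interesting archive found.
"""

# Optional "OSVDB-1234: " style prefix, then a URL path, then the message.
FINDING = re.compile(r"^\+ (?:[A-Z]+-\d+: )?(/[^\s:]*): (.+)$")

def parse_findings(report):
    """Return (path, message) pairs for lines that name a URL path."""
    return [m.groups() for m in map(FINDING.match, report.splitlines()) if m]

def triage(findings, fetch):
    """Split reported paths into (confirmed, suspect).

    fetch(path) -> (status, body) is supplied by the caller. A finding is
    suspect when the path is missing (404) or when the server answers it
    exactly as it answers a random path that cannot exist, i.e. a
    "soft 404" site that returns 200 for every request.
    """
    baseline = fetch("/" + secrets.token_hex(8))
    confirmed, suspect = [], []
    for path, _message in findings:
        status, body = fetch(path)
        if status == 404 or (status, body) == baseline:
            suspect.append(path)
        else:
            confirmed.append(path)
    return confirmed, suspect

def fake_fetch(path):
    """Stand-in for an HTTP GET so the example runs offline (constructed)."""
    real = {"/icons/README": (200, "Public Domain Icons")}
    return real.get(path, (200, "<h1>Page not found</h1>"))

if __name__ == "__main__":
    ok, fp = triage(parse_findings(SAMPLE_REPORT), fake_fetch)
    print("confirmed:", ok)
    print("likely false positives:", fp)
```

Replace `fake_fetch` with a real GET against a server you run. Error pages that echo the requested path will not compare byte-for-byte equal to the baseline, so normalise the body or compare lengths in that case.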
