Linux, programming and more
Penetration testing(pentest) is very important for development and production environments unfortunately many people forget that and play with fire.
Pentest is a method of evaluating the security of a server services and hardware devices.
This hard analysis is carried out from the position of a potential attacker, in this case this attacker is a white hat and he can involve active exploitation of security vulnerabilities. [Read more…]
Nikto is an Open Source (GPL) web server scanner which scans your webserver against more than 3500 dangerous files/CGIs, outdated version checking, It has a very good plugin support
Official site
To install in ubuntu / debian
1 | $ apt-get install nikto |
For simple test:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | firewall ~ # nikto -h debianuser.org --------------------------------------------------------------------------- - Nikto 2.02/2.03 - cirt.net + Target IP: 188.40.116.206 + Target Hostname: debianuser.org + Target Port: 80 + Start Time: 2010-12-07 10:45:55 --------------------------------------------------------------------------- + Server: Apache + OSVDB-3092: GET /img/ : This may be interesting... + OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons + 4347 items checked: 2 item(s) reported on remote host + End Time: 2010-12-07 10:49:45 (230 seconds) --------------------------------------------------------------------------- + 1 host(s) tested |