Introduction to Nikto with the Clueless Guru
Nikto is a web recon application that allows you to find common server or application misconfigurations, sensitive data or vulnerable pages hosted on a website. Today, we will be going over Nikto and its most common use cases. Stick around to the end for an added bonus feature. Bonus content credit: https://www.sjoerdlangkemper.nl/2016/11/28/header-injection-in-nikto/ 0:55 Lab Setup 2:25 Lay of the land 5:02 NMAP 7:41 First look at our site 8:45 Nikto -H(elp) 9:20 Basic Start - nikto -h [ip] - base site 12:22 Nikto and Subsites [-root] - twiki 13:40 Last scan - dvwa 17:00 Display Verbosity 18:13 Output to file 19:35 Ports, ssl, nossl flags 20:16 Bonus - adding arbitrary headers 24:23 Valid vs invalid session 25:00 Outro
Nikto is a web recon application that allows you to find common server or application misconfigurations, sensitive data or vulnerable pages hosted on a website. Today, we will be going over Nikto and its most common use cases. Stick around to the end for an added bonus feature. Bonus content credit: https://www.sjoerdlangkemper.nl/2016/11/28/header-injection-in-nikto/ 0:55 Lab Setup 2:25 Lay of the land 5:02 NMAP 7:41 First look at our site 8:45 Nikto -H(elp) 9:20 Basic Start - nikto -h [ip] - base site 12:22 Nikto and Subsites [-root] - twiki 13:40 Last scan - dvwa 17:00 Display Verbosity 18:13 Output to file 19:35 Ports, ssl, nossl flags 20:16 Bonus - adding arbitrary headers 24:23 Valid vs invalid session 25:00 Outro