ICYMI: Matthias Wübbeling shows you how to pentest your web server with Nikto https://www.admin-magazine.com/Archive/2023/74/Pentest-your-web-server-with-Nikto #vulnerability #security #pentest #Nikto #Perl #infrastructure #firewall

March of Robots 24: Gort (The Day the Earth Stood Still)

Still behind. Just want to have 31 out by March 31. That's the plan, anyway.

#marchofrobots2023 #marchofrobots #gort #thedaytheearthstoodstill #klaatubaradanikto #klaatu #barada #nikto

A few popular ones from 2022-

Stealth SYN scan, detect version of services running on all open ports:
$ nmap -sS -sV -p- <target>

Show open connections and listening ports, with PID/name:
$ netstat -anp

Scan for vulnerabilities, output to file/metasploit:
$ nikto -h scanme.nmap.org -o scan.txt

$ nikto -h <target> -Format msf+

Enumerate databases on a target web server that is using SQL injection vulnerabilities:
$ sqlmap -u <target URL> --dbs

There’s many more intensive flags, but in the spirit of being quiet I posted these. Feel free to add good ones I missed.

#nmap #pentesting #sql #nikto

[ #AdventOfCyber2022 #tryhackme] Day 4

In Day 4 Tasks, we learn on how to do #scanning

Scanning is procedure to identify living hosts, ports, and services running on specify target.

There are 2 types of scan based on their intrusiveness:
1. #passivescan
Passive scan is scanning without touching/interacting directly with the target device. The scan usually done being capturing packages using #wireshark. However, the information you can get are fairly limited.

2. #activescanning
Active scan is scanning that interacting directly with the target service, usually by sending pocket to specific asset. The scanning will immediately do a deep scan to get a lot of information from the target.

Several #scanning techniques:
1. #networkscanning
The scan that aimed to map the entire network of the target. When an attacker has mapped the entire network of their target, they can launch #exploit through the weakness of enemy network.

2. #portscanning
The scan that aimed to look for any open port that capable of sending and retrieving request/data.

3. #vulnerabilityscanning
The scan that aimed to identify what kind of #vulnerability existed on the network that may threaten the system.

Tools to do scanning:
1. #nmap
NMAP is one of the most popular tool used for scanning a network. It can be used to scan open ports, open #networkprotocols , open #services, running #operatingsystem, etc.

2. #nikto
Nikto is a open source that can be used to identify #website for #vulnerability. It allows to search a #website for their subdomains, outdated servers, #debug messages, and many more.

#Nikto #ChatGPT lol www.google.com

https://jmau111.github.io/2022/11/26/nikto-cheat-sheet/ #tools #pentesting #nikto #enumeration

https://jmau111.github.io/2022/11/26/nikto-cheat-sheet/ #tools #pentesting #nikto #enumeration

Fałszujemy rozpoznania skanerów #2 ( https://nfsec.pl/security/5774 ) #linux #nmap #nikto #twittermigration

Thinking of a Cybersecurity Career? Read This - Thousand of people graduate from colleges and universities each year with cybersecurity or computer ... more: https://krebsonsecurity.com/2020/07/thinking-of-a-cybersecurity-career-read-this/ #womenssocietyofcyberjutsu #howtobreakintosecurity #securitybsides #sansinstitute #defcongroups #alanpaller #metasploit #virtualbox #kalilinux #wireshark #openvas #tcpdump #webgoat #nessus #tcp/ip #nikto #owasp #nmap

[sorry folks, this one's in german]

Teil 3 der NetHack Videoreihe ist da! Heute schauen wir uns den Apache Webserver an, suchen mit Nikto nach versteckten Dateien und Ordnern und überprüfen Wordpress mit WPScan auf Schwachstellen und bekannte Benutzernamen.

https://www.youtube.com/watch?v=FCfoHEVP98M

#Ethical #Hacking #Nikto #WPScan #wordpress #apache #youtube