Reemo Blog
[Info] Information Gathering Tool

Table of Contents#

  1. dmitry
  2. nikto
  3. sslscan
  4. wafw00f
  5. wpscan
  6. whatweb
  7. skipfish
  8. Cutycapt

[Info] Information Gathering Tool#

dmitry#

Passive Information Gathering Tool

  • Scan the website example.com and write the results to example.txt
dmitry -winsepo example.txt example.com

nikto#

Vulnerability Analysis Gathering Tool

Basic usage#

  • Scan the website 192.168.1.86
nikto -host 192.168.1.86

SSL Scan#

  • Scan the SSL site at 192.168.1.86
nikto -h 192.168.1.86 -ssl

With Metasploit#

  • Output the scan results in a format that Metasploit can read.
nikto -h 192.168.1.86 -Format msf+

sslscan#

To check SSL server status

sslscan www.example.com

wafw00f#

Web Application Firewall (WAF) fingerprinting tool. Checks whether a WAF is present.

wafw00f https://example.org

Full Scan / Audit#

wpscan#

WPScan WordPress Security Scanner

wpscan --url http://192.168.1.86

whatweb#

Web scanner that identifies the technologies a website uses

  • Scan the website at aggression level 3 with verbose output
whatweb -v -a 3 http://192.168.1.86

skipfish#

Active web application security reconnaissance tool.

skipfish -o folder http://192.168.1.86

Tools Base#

cutycapt#

Capture a screenshot of a website

cutycapt --url=http://www.kali.org --out=kali.png