Nikto and Wikto

I started my carrier in application security with this open source automated security scanner. That time I was really excited to use this tools. As a beginner it’s not a waste of time, Nikto and wikto tools will show you potentials obvious doors, using fingerprint, default pages, default directories. It can be useful to detect if there are some known vulnerable applications behind a Domain Name or IP address. But it will not go deeper. In addition to this, it is required to take a look at other open source tools for different security vulnerabilities like SQL Injection, XSS and etc.

 

 

 

Of course, some professionals products exists to go really deeper, like Qualys, where you can choose audit level (fingerprinting -> poc -> aggressive). Nessus, Metasploit, IBM AppScan are some keywords you can google for too, just add "web application scanning" or "web application vulnerability" after the keyword.

 

All of them will never replace a manual audit, meaning that you have many years of hack and multiples skills (DB admin, web application development, system, ....).

 

In fact, all depends your needs : pentest or audit ? The border between theses 2 words is thin. Let's say if somebody ask you for a pentest, it will include an audit first, then real exploits you will find, the goal is to steal data, become root, or make things you are not supposed to be able to do. For an audit, "bad" auditors will only click a button and will be paid for a nice pdf report nice graphs and colors. Real auditors will go deeper on each point marked as red in the report.