And 14% of investigated intrusions were due to misconfiguration.

Misconfiguration can lead to serious risks.

There are a number of online vulnerability scanners to test your web applications on the Internet.

Sounds like a perfect in-house tool for web server scanning.

It is capable of scanning for over 6700 items to detect misconfiguration, risky files, etc.

and some of the features include;

Let's get started with the installation and how to use this tool.

There are many ways to use Nikto.

Note: performing a scan makes lots of requests to your web server.

You acknowledge the risk and perform scans only against your own servers.

Using Nikto on Kali Linux

Since it's built into Kali, you don't need to install anything.

There are multiple syntaxes you can use to execute the scan.

However, the quickest way to do it is below.

Don't forget to replace $webserverurl with your web server's actual IP or FQDN.

You might refer to my Apache Security & Hardening Guide to fix these.

Using Nikto on CentOS

Once installed, execute nikto and it should be fine.

This time, I will run a scan against the Nginx webserver to see how it performs.

ERROR 3

You had better install the Perl bignum module.
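
The checks this walkthrough implies before a scan, as an added example rather than code from the original article: it accepts only a bare IP or FQDN for $webserverurl, refuses hosts outside an allowlist of your own servers, and confirms the Perl bignum module loads before calling nikto. The function names and the inline allowlist are hypothetical, and `nikto -h <target>` is assumed as the scan invocation.

```sh
#!/bin/sh
# Added example: preflight checks before a Nikto scan (names are hypothetical).

# Constructed allowlist: one host per line, only servers you operate.
ALLOWED_TARGETS="192.0.2.10
www.example.test"

# Accept only a bare IPv4 address or FQDN: no scheme, path, port or spaces.
is_valid_target() {
    case "$1" in
        ''|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    if printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
        old_ifs=$IFS; IFS=.
        set -- $1            # split the address into its four octets
        IFS=$old_ifs
        for octet in "$@"; do
            [ "$octet" -le 255 ] || return 1
        done
        return 0
    fi
    printf '%s\n' "$1" | grep -Eq \
        '^([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$'
}

# Exact, whole-line match against the allowlist.
is_allowed_target() {
    printf '%s\n' "$ALLOWED_TARGETS" | grep -Fxq -- "$1"
}

# Nikto is a Perl program; this checks that the bignum module loads.
has_perl_bignum() {
    perl -Mbignum -e 1 >/dev/null 2>&1
}

# Return codes: 2 bad syntax, 3 not allowlisted, 4 nikto missing, 5 bignum missing.
preflight_scan() {
    is_valid_target "$1" || { echo "not a bare IP or FQDN: $1" >&2; return 2; }
    is_allowed_target "$1" || { echo "not in allowlist: $1" >&2; return 3; }
    command -v nikto >/dev/null 2>&1 || { echo "nikto not found" >&2; return 4; }
    has_perl_bignum || { echo "Perl bignum module missing" >&2; return 5; }
    nikto -h "$1"
}

if [ "$#" -gt 0 ]; then preflight_scan "$1"; fi
```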