Security testing tools that we should know? – User friendly Tech help
1.nmap
n
Installation:-
n1.Download the .tar file
n2. untar, bzip2 -cd nmap-versionXX.tar.bz2 | tar xvf -cd nmap-versionXXX
n3.cd nmap-version
n4. ./configure
n5.make
n6. su root
n7.make install
n
n
If all the steps runs successfully, we have the following console message:-
nNMAP SUCCESSFULLY INSTALLED
n
Check the nmap version, nmap –version
n
How to find open ports for given server say (50.9.51.65)
n
nmap -sV -p 1-65535 50.9.51.65 This command will scan all of your local IP range , and will perform service identification (-sV) and will scan all ports (-p 1-65535).
n
Result:-
n
 |
| Add caption |
n
n
2.Nikto
nRequirements for nikto
n
Installation:-
n
- n
- Download the latest version from github
- Extract the files
- cd nikto-master/program
- perl nikto.pl
n
n
n
n
n
Note:- in our example we used Ubuntu OS, which have perl preinstalled.
n
n
How to scan multiple ports using nikto:- perl nikto.pl -h www.website.com -p 80,443
n
above we used 2 ports (80,443)
n
n
3.wp-scan
nScanning vulnerabilities in wordpress website.
nInstallation:- Clone the code, install the dependencies based on the enviornment (OS)
n
run it to scan the wordpress websites.
n
n
Example:-
nruby wpscan.rb –url www.example.com
