Pentesting Tools: Scanners - Paiet/SEC-335 GitHub Wiki

  • Scanners
    • Nikto
      • Web application vulnerability Scanner
      • nikto -h http://victim.com/
      • Output files
        • Sends output to terminal screen by default
        • XML
        • HTM
        • CSV
        • TXT
      • Authenticated scans
        • Basic host authentication
        • -id username:password
    • W3AF
      • Web application vulnerability scanner
      • w3af_gui
    • OpenVAS
      • Vulnerability assessment scanner
      • Open Source
      • Walk through the GUI
      • Check out the CLI
        • omp -u username --get-tasks
        • man omp
    • Nessus
      • Vulnerability Scanner
    • SQLmap
      • Used to automate SQL injection discovery and exploitation
      • Quick example
        1. Bring up the bWAPP webpage
        2. Go to first SQL injection challenge
        3. Check for SQL injection by searching for "iron'"
        4. Grab cookie from Burp
        5. Run SQLmap
        • Grab -u url from bWAPP in browser and paste it in
        • Grab --cookie= from Burp
        • Add --dump to dump output to screen
        • Don't forget to wrap url and cookie in double-quotes!!!