BuyMeACoffee

Web Scanners

nikto

LogoGitHub - sullo/nikto: Nikto web server scannerGitHub

Usage

# Default
nikto -h http://0.0.0.0

# scan domain with ssl enabled
nikto -h https://0.0.0.0 -ssl

Whatweb

LogoGitHub - urbanadventurer/WhatWeb: Next generation web scannerGitHub
hatWeb identifies websites. It recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices.
# install
git clone https://github.com/urbanadventurer/WhatWeb.git
cd WhatWeb
make install

# usage
# Default scan
whatweb $ip

# Scan the local network quickly and suppress errors
whatweb --no-errors $network

whatweb --aggression=Stealthy/Aggressive/Heavy --verbose 

# Scan reddit.com slashdot.org with verbose plugin descriptions
whatweb -v reddit.com slashdot.org

# An aggressive scan of wired.com detects the exact version of WordPress.
whatweb -a 3 www.wired.com

# Scan the local network for https websites
whatweb --no-errors --url-prefix https:// $network

PortSwigger's Burp Suite

LogoHacking-Resources/Burp Suite Cookbook.pdf at master · rng70/Hacking-ResourcesGitHub
BurpSuite Cookbook

OWASP ZAP

LogoOWASP ZAP Zed Attack Proxy | OWASP
Meh...
PreviousDirectory/Files ScannersNextSubdomains

Last updated

Was this helpful?