<rt id="bn8ez"></rt>
<label id="bn8ez"></label>

  • <span id="bn8ez"></span>

    <label id="bn8ez"><meter id="bn8ez"></meter></label>

    大漠駝鈴

    置身浩瀚的沙漠,方向最為重要,希望此blog能向大漠駝鈴一樣,給我方向和指引。
    Java,Php,Shell,Python,服務(wù)器運(yùn)維,大數(shù)據(jù),SEO, 網(wǎng)站開發(fā)、運(yùn)維,云服務(wù)技術(shù)支持,IM服務(wù)供應(yīng)商, FreeSwitch搭建,技術(shù)支持等. 技術(shù)討論QQ群:428622099
    隨筆 - 238, 文章 - 3, 評(píng)論 - 117, 引用 - 0
    數(shù)據(jù)加載中……

    WEB掃描工具之-Nikto

    Basic Testing

    The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

    perl nikto.pl -h 192.168.0.1

    To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

    perl nikto.pl -h 192.168.0.1 -p 443

    Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

    perl nikto.pl -h https://192.168.0.1:443/

    There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.

    perl nikto.pl -h 192.168.0.1 -p 443 -ssl

    More complex tests can be performed using the -mutate parameter, as detailed later. This can produce extra tests, some of which may be provided with extra parameters through the -mutate-options parameter. For example, using -mutate 3, with or without a file attempts to brute force usernames if the web server allows ~user URIs:

    perl nikto.pl -h 192.168.0.1 -mutate 3 -mutate-options user-list.txt

    Multiple Port Testing

    Nikto can scan multiple ports in the same scanning session. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). This will scan the host on ports 80, 88 and 443.

    perl nikto.pl -h 192.168.0.1 -p 80,88,443

    Multiple Host Testing

    Nikto support scanning multiple hosts in the same session via a text file of host names or IPs. Instead of giving a host name or IP for the -h (-host) option, a file name can be given. A file of hosts must be formatted as one host per line, with the port number(s) at the end of each line. Ports can be separated from the host and other ports via a colon or a comma. If no port is specified, port 80 is assumed.

    This is an example of a valid hosts file:

    Example 3.1. Valid Hosts File

    192.168.0.1:80
    http://192.168.0.1:8080/
    192.168.0.3


    A host file may also be an nmap output in "greppable" format (i.e. from the output from -oG).

    A file may be passed to Nikto through stdout/stdin using a "-" as the filename. For example:

    nmap -p80 192.168.0.0/24 -oG - | nikto.pl -h -

    Using a Proxy

    If the machine running Nikto only has access to the target host (or update server) via an HTTP proxy, the test can still be performed. Set the PROXY* variables (as described in section 4), then execute Nikto with the -u (-useproxy) command. All connections will be relayed through the HTTP proxy specified in the configuration file.

    perl nikto.pl -h 192.168.0.1 -p 80 -u

    Updating

    Nikto can be automatically updated, assuming you have Internet connectivity from the host Nikto is installed on. To update to the latest plugins and databases, simply run Nikto with the -update command.


    perl nikto.pl -update

    If updates are required, you will see a list of the files downloaded:

     perl nikto.pl -update
    + Retrieving 'nikto_core.plugin'
    + Retrieving 'CHANGES.txt'

    posted on 2010-03-17 16:22 草原上的駱駝 閱讀(1034) 評(píng)論(0)  編輯  收藏 所屬分類: Linux

    主站蜘蛛池模板: 亚洲精品亚洲人成在线观看麻豆| 亚洲韩国在线一卡二卡| a级毛片高清免费视频| 亚洲AV成人一区二区三区AV| 无码中文字幕av免费放| 国产精品亚洲а∨无码播放不卡| 国产亚洲老熟女视频| 足恋玩丝袜脚视频免费网站| 免费精品视频在线| 亚洲人成电影福利在线播放| 最近中文字幕mv免费高清视频7| 一边摸一边爽一边叫床免费视频| 亚洲性天天干天天摸| 国产精品公开免费视频| 99re视频精品全部免费| 国产在亚洲线视频观看| 亚洲人成电影亚洲人成9999网| 国产小视频在线免费| 最近免费中文字幕mv在线电影| 无码 免费 国产在线观看91| 亚洲剧情在线观看| 亚洲综合另类小说色区| 成年女人午夜毛片免费看| 国产色爽免费无码视频| 亚洲精品无码成人| 亚洲视频精品在线| 亚洲成人高清在线| 最近免费中文字幕视频高清在线看| 在线涩涩免费观看国产精品| 老子影院午夜伦不卡亚洲| 亚洲色图校园春色| 亚洲AV综合色一区二区三区| va亚洲va日韩不卡在线观看| 91嫩草国产在线观看免费| 免费网站看av片| 一级一级毛片免费播放| 亚洲AV无码国产剧情| 亚洲精品亚洲人成在线播放| 亚洲精品国产成人99久久| 亚洲综合精品香蕉久久网| 亚洲Av无码国产情品久久|