Would you like to identify web server weaknesses and vulnerabilities during the reconnaissance phase? In this course, Technical Weakness Identification with Nikto, you will gain the ability to scan web servers for vulnerabilities and misconfigurations. First, you will learn how to use Nikto to perform a web server vulnerability scan. Next, you will discover options within Nikto that allow you to start scans against multiple hosts. Finally, you will explore how to use the Nikto configuration file to setup static cookies and to send scan traffic through a proxy. When you are finished with this course, you will have the skills and knowledge of web server scanning with Nikto needed to identify web server vulnerabilities.
Course Overview (Tool Introduction) Welcome to Pluralsight and the cybersecurity tools course featuring Nikto, the open source web server scanning tool developed and maintained by Chris Sullo and David Lodge. Members of blue and red teams, as well as penetration testers, need to understand how an attacker can quickly identify security vulnerabilities and misconfigurations associated with web application servers. Nikto can do precisely that. With Nikto, you can scan a web server to find vulnerabilities, run the scans through a proxy, set static cookies, or replay individual positive findings. If you are seeking to learn how you can use Nikto towards reconnaissance efforts during security engagements or if you just want to learn how attackers can perform these activities, join me, and learn how to find web server vulnerabilities using Nikto here, at Pluralsight.