Scan for Vulnerabilities on Any Website Using Nikto [Tutorial]

Рет қаралды 414,640

Күн бұрын

Get Our Premium Ethical Hacking Bundle (90% Off): nulb.app/cwlshop
How to Scan Websites for Vulnerabilities with Nikto
Full Tutorial: bit.ly/NiktoScan
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Not all websites are developed the same, and a lack of security measures is all the opening a hacker needs to wreak some havoc. In this episode of Cyber Weapons Lab, we'll show you how to scan websites for vulnerabilities with Nikto, a powerful but simple tool that can perform scans on SSL/HTTPS websites, an IP address for a service on a local network, or an older HTTP web domain.
Follow Null Byte on:
Twitter: / nullbytewht
Flipboard: flip.it/3.Gf_0
Weekly newsletter: eepurl.com/dE3Ovb

Пікірлер: 346

@elikirkwood4580 5 жыл бұрын

Remember kiddies, don't try this at home. Go to a friend's house

@raymondy6302 5 жыл бұрын

Eli Kirkwood or use a vpn

@busyhacker8129 5 жыл бұрын

Or you can you both Tor and vpn for 99% security.

@busyhacker8129 5 жыл бұрын

@Islaminame Well ,in case of mobile phones if you try to use 2 vpns +Tor then your battery will decrease in huge amount like water from glass( if glass bends) because vpn's uses much battery as compared to Tor.

@mrabdego 5 жыл бұрын

hhhhhhhh

@sweetimpala 4 жыл бұрын

whys that? what are the possible risk doing this at home?

@misterx8014 4 жыл бұрын

Moral of this video: Never ever blink when u're explaining something to someone..

@DuckZ_Gamer-gf1si 4 жыл бұрын

LEGIT! XD

@IgorogI1000 4 жыл бұрын

lol

@ahead725 4 жыл бұрын

Lol

@user-rr7im5og7k 3 жыл бұрын

lmfao

@Saadi_987 2 жыл бұрын

lol

@rickmonarch4552 4 жыл бұрын

At 1:52 HE ALMOST BLINKED :OOOOOOO!!!4

@onions5113 4 жыл бұрын

what do you mean blink i only seen that comment blink blink blink!!

@vladobjelis223 3 жыл бұрын

AHHAHAHAHAHAHAHAHAHAHAHHAHAHAHA good one!

@mrsmith4534 5 жыл бұрын

Yes, finally we get to see u again

@paprika5487 5 жыл бұрын

I would love to see a part 2 of this in which you actually do pair the nikto output with some metasploit exploit. I find interpreting nikto output to be very, very difficult in relation to next steps.

@swine13 3 жыл бұрын

Right? I feel like i need a tutorial about how to make sense of the various outputs you can get

@dacman61 4 жыл бұрын

Excellent video! Thank you for walking us through this process with great, efficient tips along the way. Very helpful.

@theopposition173 4 жыл бұрын

That electric sound effect at the end of the video - you got me. I even felt the vibration coming from my laptop. Fuck sake.

@generalregistry 4 жыл бұрын

Just wanted to say thank you for your channel 👍I appreciate your presentations

@saiddope2241 7 ай бұрын

This channel is a gem

@thomasle8317 Жыл бұрын

You can zoom screen when you type command line, it truly useful for us to following.

@ericcolt8078 4 жыл бұрын

Thanks Null Byte ! what would you personally recommend if you compare Burp suite vs Nikto ? for reconning and excuting and even saving databases on your targets ?

@Niteshshaw2011 4 жыл бұрын

I love you videos. ♥️ Terminal Tex in this video is very small. Plz increase the font size next time. Great work guys 👍👍👍👌👌👌

@h4ckni0r38 5 жыл бұрын

Hey, Whats Up Kody, I Saw U I Kak5 Five And Wanted To Say, You Have Done A Very Good Job With This Channel

@Uneke 5 жыл бұрын

Ever thought of following up this video with an msf meterpreter video? You should definitely delve into it!

@galihpa 5 жыл бұрын

Sir next time you record a terminal window, please remember to increase the font size so that we can see the text clearly

@dareknaszlaku 4 жыл бұрын

Indonesia switch to 720p or 1080p.

@IgorogI1000 4 жыл бұрын

i had to use the system magnifier and a real one to be able to read

@Crazy--Clown 4 жыл бұрын

Use a magnifying glass

@nobeltnium 3 жыл бұрын

I had to use a microscope

@rifqioktario5546 3 жыл бұрын

Ah masa gakeliatan

@Dave-kq7gv 5 жыл бұрын

cool content as always, man! Would it be possible for you to ctrl-shift-+ your terminal windows? Some of the smaller text doesn't render well after youtube's processing/compression/whatever

@NullByteWHT 5 жыл бұрын

We'll make it bigger in future episodes

@MartianMoon 5 жыл бұрын

Null Byte thank you!

@mohsintahir8906 3 жыл бұрын

what type of terminal u r talking about is this linux i use ctrl + alt + t

@user-rv5qf1ud6j 3 жыл бұрын

@@mohsintahir8906 ctrl-shift-+ increases the text size *while* in the terminal

@5thfloor584 3 жыл бұрын

@15:20 thanks bro for telling me that at the very end, I thought Nikto was practically the same as nmap, so I ran it without a vpn.

@fritzz1593 2 жыл бұрын

Thanks bro for telling me

@johnvsf Жыл бұрын

Great video! Thank you for sharing!

@poms3559 5 жыл бұрын

One of the first viewers. Yesss!!!

@noelremasu Жыл бұрын

Great tutorial.. in your next videos please zoom in or increase the fonts of your terminal for better visibility

@kfp1200 4 жыл бұрын

This dude is actually staring at my soul in every video 🥴

@sluvvr 3 жыл бұрын

Y e a h 😶

@djparty95 2 жыл бұрын

Be careful! Staring in your history my be worse.

@abhishekpatil5768 Жыл бұрын

@@djparty95 🤣🤣

@stevenlewin4129 2 жыл бұрын

Why hasn't this guy got a million subs he is way better then David bombal and network chuck

@un4v5s83 4 ай бұрын

thank you very much for the nikto tutorial man

@tota_trader 3 ай бұрын

very nicely explained. Thanks

@dareknaszlaku 4 жыл бұрын

Have you done any Maltego episode? I just found most of it is America „focused” .

@angryoldcanadian3905 5 жыл бұрын

we need tutorials on Klatu and verata next

@theitguy3096 3 жыл бұрын

Just a friendly feedback: you may magnify the terminals, especially when typing the commands when the terminal is cleared and empty, e.g. @ 9:23. The clip looks like a blank screen with some little ascii on the top! :)

@mohsintahir8906 3 жыл бұрын

i like that sepread this just for knowledge purpose

@falcon_95 3 жыл бұрын

Hey really nice ! Do you know how to bypass firewalls ? For some reason, -sS flag doesnt work when the network is set up with firewall or antivirus

@Laflamablanca969 4 жыл бұрын

Awesome vid. I don’t think you blinked the entire time 😂👍

@cry6270 4 жыл бұрын

maybe he is reading what to say in the camera :)

@SatyamWakchaure Жыл бұрын

Your videos are great, really really helpful 👍🏻 But why don’t you make the font bigger ?? Please we need that.

@McnightStricker 5 жыл бұрын

thank you man this was good

@vikrambc6906 5 жыл бұрын

Hello, please provide a session on doing external pen test against public IP

@mavericks.9638 4 жыл бұрын

sir @Null Byte do you hack with your mac OS terminal or use a VM?

@ProfoundKnowledge 10 ай бұрын

May I ask what OS u are using that is best suited for cybersecurity activities 'cause I intend to buy a new one

@timothyschuebel5367 5 жыл бұрын

Thanks!

@dukewilson1970 5 жыл бұрын

Please kindly make a video series on shodan @Null Byte

@mocheford 5 жыл бұрын

thanks again, sempai

@minigeos 9 ай бұрын

very well explained

@fudoshin2776 3 жыл бұрын

I done this using a VPN and used my Linux server on Hyper V manager! Love your videos!!!

@mohsintahir8906 3 жыл бұрын

is there any free vpn and best?

@fudoshin2776 3 жыл бұрын

new era 2017 most free VPNS are not premium and pretty shit. I would recommend paying for one or just using a free trial

@mohsintahir8906 3 жыл бұрын

@@fudoshin2776 gud suggestion is there any trail bases for a long period supported 3 to 4 months

@fudoshin2776 3 жыл бұрын

new era 2017 no I don’t think so ( very unlikely) Different VPN providers have different time period free trials, some 7 days, 3 days, 1 month etc

@mohsintahir8906 3 жыл бұрын

@@fudoshin2776 nice

@alphacentauri8035 5 жыл бұрын

Great vid Whats the intro music?

@jeffpoague9831 3 жыл бұрын

Thanks for the info man!! No puns here.

@harrydamour7564 5 жыл бұрын

My friend 🙋‍♂️

@mohsintahir8906 3 жыл бұрын

i am using unity tweak tool i can just switch on windows only like in one window i can watch a video and it is playing but on the other i open a text based app or terminal etc how i can write there i am unable to write i want to use both what i do?

@thuggy67 4 жыл бұрын

I might be slow or blind but where did you scan for vulnerability eg. website.com ?

@Blacknova147 3 жыл бұрын

When I try to output the log to metasploit using '-Format msf+' kali linux spits back an error saying it's an invalid output format

@afzalthaivalikakkath4263 4 жыл бұрын

Hai, bud Do one carding vedio and tools used

@mohsintahir8906 3 жыл бұрын

10:35 u r using mac ? what is best for other intel pcs

@folgendhego7916 4 жыл бұрын

the best BLINK all the time 1:82

@francescopresta9570 5 жыл бұрын

Very good job

@paulmorrey733 5 жыл бұрын

Thanks

@kearala7 4 жыл бұрын

I found sql vuulnerabilty ,,will you help me in, how to search for suitable metasploit exploit for that..

@bootlegronin5082 3 жыл бұрын

NullByte how do I pair it with the exploit since msf+ isn't an option on my kali machine running kali 2020

@blakebarbee7224 4 жыл бұрын

Oh wow this is so cool.

@kiranrandhawa4709 3 жыл бұрын

@1:45 Altego?! Baltego?! What's the tool? Trying to scan our API to find out if there are any vulnerabilities.

@youbeenkumjarjaron 5 ай бұрын

very good video

@sasukeuchiha-gs7hd 5 жыл бұрын

Hi i did like the video but i had to stop it hundred of times cuz of the texts they are too small thx

@philipsuser6203 Жыл бұрын

Are we blinking at the same time? Or he won't blinking

@Virlo 5 жыл бұрын

How do you hack a phone only with the phone number, how can you listen to people calls with a program and see where they are exactly. I saw that they can find you, and listen to you through your phone, even when your phone is offline etc. How?

@sonofarabia3640 5 жыл бұрын

Fun fact. Saying nikto to Saudi. Can lead to injuries. Lol

@KINGCASH1337 5 жыл бұрын

Nikto means fucked him

@slaffkas 4 жыл бұрын

Nikto means "nobody" in Russian.

@bornabujanic7575 5 жыл бұрын

Hi again!

@jr8gong 4 жыл бұрын

good stuff but you need a magnifying glass to see the commands

@mohsintahir8906 3 жыл бұрын

hahaaha he safe his site they just tell how its work

@goodtallvideo4017 5 жыл бұрын

your the best man

@endless2333 2 жыл бұрын

Nice class about active scan in websites. But what you've said about using a vpn or thor cause of the "suspicious" behaviour with these tools gave me a doubt. I'm participating some bugbounty programs, and will only use this tool in authorized scopes of programs. Do you think is needed to use a vpn to hide my ip adress? What do you think about this? Thanks for the knowledge!

@bazookie7577 2 жыл бұрын

Tbh I would use a VPN or proxies no matter WHAT. I wouldn't risk it

@mohsintahir8906 3 жыл бұрын

can u tell me which linux u r using what type of linux system is best for find secure web kali , ubuntu or mac many people confusion on this i like ubuntu bcz its interface is beautiful but most ceh use kali or some red hat(tell me about your suggestions)

@alephanull1953 3 жыл бұрын

Kali linux or Parrot Security OS, you CAN use Ubuntu but Mali Linux has the tools you need to hack.

@scarytruths01 Жыл бұрын

Hm.. I have nord vpn but for some reason every time I log into it my internet doesn't work so iv been using mainly proxychains as a backup.

@maryamfarnegin1647 2 жыл бұрын

thanks a lot

@dervxerox 9 ай бұрын

"Now, before you start running Nikto on every site you can think of.." You should have put that warning near the beginning. 😅😅

@yareyaredacat9943 4 жыл бұрын

$1000 to anyone who can beat him in a staring contest

@PhotohackLovers 2 жыл бұрын

he said juicy... lol

@SayantanHack 4 жыл бұрын

Please increase the terminal font

@mrsmith4534 5 жыл бұрын

Yay

@jraymundotunortiz9138 3 жыл бұрын

How I can write the stray up lines in the terminal? | awk '/Up$/{print $2}' |

@netbin 5 жыл бұрын

hey null byte is there a way to run this scan way more faster? its taking such insane amount of time to finish it.

@DoorThief 5 жыл бұрын

I'm sure there are filtering options that will speed it up. Also limiting the IP range.

@ruinedeco3526 4 жыл бұрын

Tells me I shouldn’t do it on my ip at the end of the video after I’ve already done it 😂😂💀

@NullByteWHT 4 жыл бұрын

Oooppss

@quasa0 4 жыл бұрын

@@NullByteWHT ahahahahahahahha

@quasa0 4 жыл бұрын

@@NullByteWHT literally the same, but started trying it on my own websites ;P

@1980cantrell 5 жыл бұрын

I love nikto. I incorporated it into a tool I wrote in python. 😁. Great video , once again.😎😎

@mentix002 5 жыл бұрын

Tool*. And making a system command via a Python script isn't really something to be proud of.

@netbin 5 жыл бұрын

Can you show me some examples of your incorporation please?

@0dyss3us51 5 жыл бұрын

@@mentix002 auch way to stifle people growth and curiosity. What a role model.

@NullByteWHT 5 жыл бұрын

@Manan Yadav Why are you like this.

@1980cantrell 5 жыл бұрын

@@netbin build your tools and call nikto to scan for vulnerabilities. If any found than call to search for exploits if there are any than build your app/tool to execute payload. I can't give u an example here too much to write but if u search how to call nmap or nikto to use in python script it will show u how to call other tools to use in ur app..

@TheOmarBH 5 жыл бұрын

It works on WAN?

@arafangbarrow8517 5 жыл бұрын

I am New here cool 😎 place to learn! How can one contact you please?

@shadowsblack3896 5 жыл бұрын

Muy pequeño lo que se escribe en la terminal. No se alcanza a ver bien.

@rchilro 5 жыл бұрын

Use bigger fonts!!!

@bennypablodre7977 3 жыл бұрын

I need to learn 😩

@wishIKnewHowToLove 11 ай бұрын

15:13 wait how could i possibly do this in tor?

@dorsetdroneguy5804 3 жыл бұрын

So it’s an nmap video!

@sanayuj8364 3 жыл бұрын

Increase the front size

@nanayawoffeiafari9768 2 жыл бұрын

Excellent procedure but text are too small and not making the video interesting. Can you increase the text size a bit?

@luckycomputers4273 4 жыл бұрын

not visible clearly, too small display

@barkieboys646 5 жыл бұрын

What do you suggest me to do get an alfa adapter or an wifi pineapple nano?

@Lolzzn12 5 жыл бұрын

those are two completely separate things, the amount of script kiddies these videos attract is wild.

@barkieboys646 5 жыл бұрын

Lolzzn12 Please don’t react when you have no knowledge ...

@barkieboys646 5 жыл бұрын

Both are capable of monitor mode and package injection , both are able to start an evil twin attack , both can deauthenticate networks , but the pineapple nano got a better UI and is able to run many modules when the rogue acces point is online. It also has a better range. The only thing that stops me from buying the nano is money ...

@q8tech108 3 жыл бұрын

I want read results idk where and how

@ajcarlo9992 3 жыл бұрын

u look like Jake Gyllenhaal in the nightcrawler movie, and bobby fischer all in one

@PhotohackLovers 2 жыл бұрын

null byte never blinks, I'm hear for it.

@StuxNETozor 5 жыл бұрын

Let's go deeper and user Python / Ruby and do it with libraries, it's time to level up

@ZZz-jq4tt 4 жыл бұрын

Very interesting for an outsider. Flooded with recondite juvinile passion for mischievous rebellion. The shoud of propriety, that noetical floatsom is transubstantiated to a Universe of possibilities. Laurels for Null Byte. Surely it's a high offense to inspire, educate or dilate. VRYetc. Keep the faith 00koba

@ZZz-jq4tt 4 жыл бұрын

@@tochirochi4965good of you to criticize ✓ r.thumb extensor tendon is dodgy, i got blown up. so when i wax lyrical i tend to use my dominant hand. i also speak normal, errr.. they way i think anyways

@liamtwine2267 2 жыл бұрын

Why don't you make videos anymore

@theazza 3 жыл бұрын

Null Byte s’helpful.

@xbloodymatter9654 5 жыл бұрын

I have a question, can you somehow break the secure desktop security in windows? In such a way that, for example, a keylogger process would work in order to intercept the password from uac prompt.