Automated Web Scanning
Headers that declare the request's source IP:
X-Forwarded-For: 127.0.0.1
X-Real-IP: 127.0.0.2
Nikto2
To scan a particular host:
nikto -h [host IP/name]
To scan a host on multiple ports (default = 80):
nikto -h [host IP/name] -port [port number 1],[port number 2],[port number 3]
To scan a host and output fingerprinted information to a file:
nikto -h [host IP/name] -output [output_file]
To use a proxy while scanning a host:
nikto -h [host IP/name] -useproxy [proxy address]
Old URLs
Getting URLs from archive.org:
waybackurls https://redacted.org/ | uro | grep "\.php" > php-files.txt
Get parameters:
cat php-files.txt | grep -i get | sed 's/.*.get//' | sort -u
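An added example (not part of the original page): a Python take on the "Get parameters" step that parses the query strings in a URL list such as php-files.txt and reports which parameter names each path has carried, which helps when reviewing what archive.org still exposes about a site you maintain. It goes beyond the page's grep/sed filter; the function names and the sample URLs are constructed for illustration.

```python
"""Added example: per-path inventory of query parameters found in a URL list."""
import sys
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample input, shaped like the php-files.txt produced above.
SAMPLE_URLS = [
    "https://redacted.org/getImage.php?id=12&size=large",
    "https://redacted.org/getImage.php?id=99",
    "https://redacted.org/search.php?q=test&page=2&q=again",
    "https://redacted.org/download.php?file=report.pdf",
    "https://redacted.org/login.php?redirect=%2Fhome&DEBUG",
    "https://redacted.org/index.php",
    "not a url",
]


def parameter_inventory(urls):
    """Return {path: {parameter name: number of URLs that carried it}}."""
    inventory = defaultdict(lambda: defaultdict(int))
    for raw in urls:
        try:
            parts = urlsplit(raw.strip())
        except ValueError:  # malformed authority, e.g. a broken IPv6 literal
            continue
        if parts.scheme not in ("http", "https") or not parts.query:
            continue
        # keep_blank_values keeps valueless flags such as "?DEBUG";
        # names are percent-decoded, so "%69d" and "id" count as one.
        pairs = parse_qsl(parts.query, keep_blank_values=True)
        for name in {name for name, _ in pairs}:  # count once per URL
            if name:
                inventory[parts.path][name] += 1
    return {path: dict(names) for path, names in inventory.items()}


def unique_names(inventory):
    """Flat, sorted list of every parameter name (the `sort -u` view)."""
    return sorted({n for names in inventory.values() for n in names})


if __name__ == "__main__":
    # Use a file such as php-files.txt if given, else the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            urls = fh.readlines()
    else:
        urls = SAMPLE_URLS
    for path, names in sorted(parameter_inventory(urls).items()):
        for name, count in sorted(names.items()):
            print(f"{path}\t{name}\t{count}")
```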