Wikto may not test for SQL injections, but it is still an essential tool for penetration testers who are looking for vulnerabilities in their Internet-facing Web servers.
This month, Peter Giannoulis of The Academy.ca demonstrates how Wikto can display the good and bad directories contained on a Web server. Also, see for yourself what other kinds of information can be gathered about a specific website, and which plug-ins will allow you to get the most out of the free tool.
For more information about the tool you've seen here:
- Only a few years ago, Information Security magazine named Wikto one of five 'must-have hacker tools.' See which other products made the list. (Login required)
- Learn how Wikto and other tools run automatic Google scans against your company's domain to determine if sensitive information is exposed via a search query.
- Get the latest news and expert advice on penetration testing and ethical hacking.
Want more screencasts? Make sure to check out our other demonstrations of today's security tools.
Watch in full-screen!
See Peter Gianoullis' Wikto demo in a larger window.
About the author:
Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains www.theacademy.ca, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.