Use Web Application Scanners

Learn to utilize web application scanners to identify vulnerabilities on a web server. You will use Nikto and Arachni to perform a scan of several ports and save the outputs to a file.

Time
45 minutes
Difficulty
Intermediate
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Overview

Note: Once you begin the Challenge Lab, you will not be able to pause, save, or exit and then return to your Challenge Lab. Please ensure that you have set aside enough time to complete the Challenge Lab before you start.

Objective

You are a security administrator. You need to ensure your web servers are configured securely. First, you will use Nikto to perform a scan of 443 on the server 192.168.1.12 and save the output to a file. Next, you will use Nikto to scan ports 80 and 443 on the server 192.168.1.12, and then you will save the output to a file. Finally, you will use Arachni to scan ports 80 and 443 on the server 192.168.1.12 from the command line, and then you will save the output to a file.

Understand Your Environment

You will be using a Kali instance and a Windows® 10 instance to complete the challenge.