Screencast: How to use Wikto for Web server assessment


Screencast: How to use Wikto for Web server assessment

Peter Gianoullis, Contributor

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

Watch the presentation in full-screen

See Peter Gianoullis' Wikto demo in a larger window. 
Wikto may not test for SQL injections, but it is still an essential tool for penetration testers who are looking for vulnerabilities in their Internet-facing Web servers.

This month, Peter Giannoulis of The demonstrates how Wikto can display the good and bad directories contained on a Web server. Also, see for yourself what other kinds of information can be gathered about a specific website, and which plug-ins will allow you to get the most out of the free tool.

For more information about the tool you've seen here:

  • Only a few years ago, Information Security magazine named Wikto one of five 'must-have hacker tools.' See which other products made the list. (Login required)
  • Learn how Wikto and other tools run automatic Google scans against your company's domain to determine if sensitive information is exposed via a search query.
  • Get the latest news and expert advice on penetration testing and ethical hacking.

    Want more screencasts? Make sure to check out our other demonstrations of today's security tools.

    About the author:
    Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.

    This was first published in August 2008

  • Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.