See Peter Gianoullis' Wikto demo in a larger window.
Wikto may not test for SQL injections, but it is still an essential tool for penetration testers who are looking for vulnerabilities in their Internet-facing Web servers.
This month, Peter Giannoulis of The Academy.ca demonstrates how Wikto can display the good and bad directories contained on a Web server. Also, see for yourself what other kinds of information can be gathered about a specific website, and which plug-ins will allow you to get the most out of the free tool.
For more information about the tool you've seen here:
About the author: Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains www.theacademy.ca, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.
Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
The opening of an IT service centre in Chennai last week will kick off AstraZeneca’s bold insourcing strategy, announced earlier this year, and focus on a trend that is seeing large businesses invest in global delivery operations.
The number of active wireless connected devices will exceed 40.9 billion by 2020 – more than double the current total, according to ABI Research. The explosion in connected devices will be driven by the internet of things (IoT).
IT infrastructure and operations (I&O) skills including capacity planning and performance management, which are widely valued in datacentres, are no longer sufficient to meet business needs in the digital economy era, analyst firm Gartner has warned.
The concept of data privacy in the age of big data may seem somewhat antithetical to most commercial data-gathering operations, but organizations that don't respect their users' privacy may soon have big problems on their hands.
Vendors are hurriedly implementing a new patch released over the weekend for the 'Shellshock' Bash vulnerability, but researchers have since found more Bash flaws that will likely need prompt remediation.
Malvertising is already being used by attackers as a delivery mechanism for exploit kits, and new research reveals the problem is likely to get worse, specifically in the form of malicious Flash banners.