See Peter Gianoullis' Wikto demo in a larger window.
Wikto may not test for SQL injections, but it is still an essential tool for penetration testers who are looking for vulnerabilities in their Internet-facing Web servers.
This month, Peter Giannoulis of The Academy.ca demonstrates how Wikto can display the good and bad directories contained on a Web server. Also, see for yourself what other kinds of information can be gathered about a specific website, and which plug-ins will allow you to get the most out of the free tool.
For more information about the tool you've seen here:
About the author: Peter Giannoulis, GSEC, GCIH, GCIA, GCFA, GCFW, GREM, CISSP, is an information security consultant in Toronto, Ontario. He currently maintains www.theacademy.ca, which provides organizations streaming video on how to configure and troubleshoot many of today's top security products. He also serves as a technical director for GIAC.
Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
News roundup: Heartbleed vulnerabilities, point-of-sale malware and phishing scams are nothing new, yet numerous companies continue to fall victim to them. Shouldn't the lesson be learned by now? Plus: HTTP Shaming, Dropbox improvements and more.