Hi guys. Here’s a neat, FREE software called Wikto by Sensepost which allows you and I to quickly perform web server assessments. Wikto will

• find interesting directories and files on the web site
• look for sample scripts that can be abused
• find known vulnerabilities in the web server implementation itself

So I tested it out in rangit.com and found around 30 light vulnerabilities. I was a bit shocked to find such a list. Really. There were a few requests that hackers can use to execute SQL Injections. Scary but REAL. Remember, with this tool you can scan any website for their vulnerabilities. Here’s a screenshot of mine.

To use Wikto you need to get 2 other things.

1. WinHTTrack
2. HTTprint

After successfully installing all 3 softwares, go to Wikto’s ‘SystemConfig’ tab. There are 4 important things to configure for Wikto to work.

HTTrack

Locate the HTTrack folder and point to the file ‘httrack.exe’ in your program files.

Cache

Create a new folder for storing data. I created one in C: and named it ‘Temp’. After creating, point to it.

HTTPrint

Locate HTTPrint folder and point to the file called ‘win32′.

NiktoDB

Click on the button and download the latest database for scanning. This is essential for first timers.

After that, go to the ‘Wikto’ tab and enter a website. Click ‘Start Wikto’. Basic tests commands will be carried out from NiktoDB. Watch the scanned vulnerabilities appear one by one.

The solution would be to talk to your web host about the scan results. Show what you’ve found and and see what your web host says.

Sensepost Wikto
Web server assessment tool

Here’s a cool video explaining what bandwidth is. This geeky guy with long hair and unshaven chin explains very well in simple terms on what bandwidth means.

Web Hosting Bandwidth
What bandwidth is all about

Mind boggling. Also, learn how to steal a page layout by just watching =)

Web 2.0 … The Machine is Us/ing Us
Awesome and frightening at the same time