Exploring Kali Linux Tools for Website Scanning via IP Address
jadavvineet73
Jul 06, 2024
About This Presentation
This presentation provides an in-depth exploration of various tools available in Kali Linux for conducting website scans through IP addresses. Designed for students, the slides cover the functionality, usage, and practical applications of these tools in cybersecurity and ethical hacking. For more, visit: https://bostoninstituteofanalytics.org/cyber-security-and-ethical-hacking/
Slide Content
“Generate a comprehensive report on diverse tools accessible within Kali Linux for conducting scans on websites through their IP addresses. Outline the procedures and commands for obtaining assistance” - Manoj G
Abstract: Kali Linux, a robust penetration testing and security auditing Linux distribution, offers a plethora of tools for conducting comprehensive scans on websites via their IP addresses. This report explores the diverse range of tools available in Kali Linux, detailing their functionalities and specific use cases in web-based IP scanning. It provides step-by-step procedures, commands, and methods for obtaining assistance within the Kali Linux environment, ensuring that users can effectively identify vulnerabilities, explore network structures, and assess security postures. This guide is designed for cybersecurity professionals and enthusiasts aiming to enhance their web security measures.
Nmap, Armitage, Nikto, Metasploit
Research:
Name: GeeksforGeeks
URL: https://www.geeksforgeeks.org/nmap
Category/Type: Scanning guides and commands
Overall Ranking/Usage/Popularity: GeeksforGeeks is a leading platform that provides computer science resources and coding challenges for programmers and technology enthusiasts, along with interview and exam preparations for upcoming aspirants. With a strong emphasis on enhancing coding skills and knowledge, it has become a trusted destination for over 12 million plus registered users worldwide. The platform offers a vast collection of tutorials, practice problems, interview tutorials, articles, and courses, covering various domains of computer science.
About Scanning Tools in Kali:
Nmap (Network Mapper): Nmap is a versatile network scanning tool that identifies hosts, services, and operating systems. It's widely used for network discovery and security auditing.
Armitage: Armitage is a graphical user interface (GUI) front-end for the Metasploit Framework, designed for penetration testing and network security assessments.
Nikto: Nikto is a web server scanner that identifies vulnerabilities, outdated software, and server misconfigurations.
Metasploit: Metasploit Framework is a powerful tool for developing, testing, and executing exploit code against remote targets. It's widely used for penetration testing and vulnerability assessment.
Nmap: Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
Key among that information is the “interesting ports table”. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open means that an application on the target machine is listening for connections/packets on that port. Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed.
Syntax: nmap [Scan Type(s)] [Options] {target specification}
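The ports table described above, read back from a scan of a host you administer and compared with the ports you expect to be exposed. This is an added example, not part of the original slides; the sample output, the host name and the baseline set are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of Nmap's normal-output ports table (not a real scan).
SAMPLE_OUTPUT = """\
Nmap scan report for host.example (192.0.2.10)
Host is up (0.012s latency).
Not shown: 995 closed ports
PORT      STATE    SERVICE    VERSION
22/tcp    open     ssh        OpenSSH 8.9p1
80/tcp    open     http       nginx 1.24.0
161/udp   open|filtered snmp
3306/tcp  filtered mysql
8080/tcp  open     http-proxy
"""

# port/protocol, state, service name, optional version text
ROW = re.compile(r"^(\d{1,5})/(tcp|udp|sctp)\s+(\S+)\s+(\S+)\s*(.*)$")

def parse_ports_table(text):
    """Return one dict per row of the ports table; other lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            port, proto, state, service, version = m.groups()
            rows.append({"port": int(port), "proto": proto, "state": state,
                         "service": service, "version": version.strip()})
    return rows

def audit(rows, expected_open):
    """Return (unexpected open ports, ports whose state Nmap could not settle)."""
    unexpected, uncertain = [], []
    for r in rows:
        key = (r["port"], r["proto"])
        if r["state"] == "open" and key not in expected_open:
            unexpected.append(key)
        elif "filtered" in r["state"].split("|"):
            # filtered, open|filtered, closed|filtered: a filter hid the answer
            uncertain.append(key)
    return unexpected, uncertain

if __name__ == "__main__":
    baseline = {(22, "tcp"), (80, "tcp")}  # assumed approved exposure
    unexpected, uncertain = audit(parse_ports_table(SAMPLE_OUTPUT), baseline)
    print("unexpected open:", unexpected)
    print("needs follow-up:", uncertain)
```
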
Nmap: nmap -v -A scanme.nmap.org
The command nmap -v -A scanme.nmap.org performs a detailed and aggressive scan on the host scanme.nmap.org. Here’s a breakdown of what each option (-v and -A) does in this context:
-v : Increases verbosity level. This option makes Nmap output more detailed information during the scan process, providing insights into each stage of the scan.
-A : Enables aggressive scanning options. This includes:
  OS detection (-O): Attempts to determine the operating system of the target machine.
  Version detection (-sV): Determines versions of services running on open ports.
  Script scanning (-sC): Runs default scripts to gather additional information.
  Traceroute (--traceroute): Maps the network path to the target.
As you can see, the output shows the number of open ports and what OS is being used to host the website.
Switch   Example                  Description
-sS      nmap 192.168.1.1 -sS     TCP SYN port scan
-sT      nmap 192.168.1.1 -sT     TCP connect port scan (default without root privilege)
-sU      nmap 192.168.1.1 -sU     UDP port scan
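From the defender's side, the TCP SYN and connect scans listed above show up as one source touching many destination ports on a host within a short time. The following added example (not from the original slides) flags that pattern in firewall-style log lines; the log format, the addresses and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed firewall-style log (hypothetical format, documentation addresses).
SAMPLE_LOG = """\
2024-07-06T10:00:01Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=21 FLAGS=SYN
2024-07-06T10:00:01Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=22 FLAGS=SYN
2024-07-06T10:00:02Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=23 FLAGS=SYN
2024-07-06T10:00:02Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=80 FLAGS=SYN
2024-07-06T10:00:03Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=443 FLAGS=SYN
2024-07-06T10:00:03Z SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT=3306 FLAGS=SYN
2024-07-06T10:00:04Z SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP DPT=443 FLAGS=SYN
2024-07-06T10:00:09Z SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP DPT=443 FLAGS=SYN
2024-07-06T10:01:00Z SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP DPT=22 FLAGS=SYN
2024-07-06T10:02:00Z SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP DPT=80 FLAGS=SYN
2024-07-06T10:03:00Z SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP DPT=443 FLAGS=SYN
2024-07-06T10:04:00Z SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP DPT=8080 FLAGS=SYN
2024-07-06T10:05:00Z SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP DPT=8443 FLAGS=SYN
"""

LINE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=(\w+) DPT=(\d+)")

def find_port_sweeps(log_text, min_ports=5, window_s=10):
    """Flag (src, dst, proto) flows hitting >= min_ports distinct ports in window_s seconds."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m:
            ts, src, dst, proto, dpt = m.groups()
            when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
            flows[(src, dst, proto)].append((when, int(dpt)))
    alerts = []
    for (src, dst, proto), hits in flows.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most window_s.
            while (hits[end][0] - hits[start][0]).total_seconds() > window_s:
                start += 1
            ports = sorted({p for _, p in hits[start:end + 1]})
            if len(ports) >= min_ports:
                alerts.append((src, dst, proto, ports))
                break  # one alert per flow is enough
    return alerts

if __name__ == "__main__":
    for alert in find_port_sweeps(SAMPLE_LOG):
        print("possible port sweep:", alert)
```

The third source in the sample is only flagged with a wider window (for example window_s=600), which is the trade-off to weigh when tuning this rule against normal traffic.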
Metasploit: Metasploit's open-source framework, Metasploit Framework, is a Ruby-based tool that allows users to write, test, and execute exploit code on remote systems. It includes a set of tools for testing security vulnerabilities, enumerating networks, executing attacks, and evading detection. Metasploit also includes anti-forensics and remediation tools, some of which are built into the framework. Metasploit is a powerful penetration testing framework that can be used to scan for vulnerabilities in a website using its IP address. The framework is updated continually; at present it lists 2407 exploits, 1239 auxiliary, 432 post, 1468 payloads, 47 encoders, and 9 evasions.
Open Metasploit Framework: msfconsole
Load the auxiliary scanner module: use auxiliary/scanner/portscan/tcp
Set the target IP address: set RHOSTS <website-ip>
Here we can see the Metasploit Framework scanning the IP address and giving the relevant information about the website we are trying to access. There are 3 open TCP ports.
Nikto: Nikto is an open-source web server scanner that identifies potential vulnerabilities by checking for outdated software, misconfigurations, and dangerous files. It scans websites using their IP addresses and supports SSL, multiple ports, and customizable options for detailed and comprehensive security assessments.
Nikto is a command-line tool; you can use the help command to get a list of options: nikto -Help
To perform a simple domain scan, use the -h (host) flag: nikto -h scanme.nmap.org
Nikto will perform a basic scan on port 80 for the given domain and give you a complete report based on the scans performed.
To scan multiple IP addresses or domains, just put them in a text file separated by newlines. Nikto will know that the scan has to be performed on each domain / IP address. Let's assume we have a file named domains.txt with two domain names: scanme.nmap.org, nmap.org. To scan both of them with Nikto, run the following command: nikto -h domains.txt
Armitage: Armitage is a graphical interface for the Metasploit Framework, used primarily in penetration testing and network security assessments. It streamlines tasks such as reconnaissance, vulnerability scanning, and exploitation through its intuitive GUI. Armitage facilitates teamwork by allowing multiple users to collaborate on projects, visualizes network topology, and provides tools for managing and exploiting discovered vulnerabilities. It supports various scanning techniques, integrates with Metasploit's extensive database of exploits, and offers features like session handling and reporting. Armitage is favored for its user-friendly approach in navigating complex security testing scenarios, making it accessible to both beginners and seasoned professionals.
Steps to be followed:
Launch Armitage.
Connect to the Metasploit Framework: Armitage will automatically connect to the Metasploit Framework if it is running locally.
Select a Target: Click on Hosts in the top menu, then choose Nmap Scan.
Configure Scan Options: Enter the IP address of the target. Choose the type of scan you want (e.g., Quick Scan, Intense Scan).
Run the Scan: Click Scan to start the scan process.
Armitage scan results
Reference
http://testfire.net/
https://nmap.org
https://academy.hackthebox.com
https://www.geeksforgeeks.org/nmap