Wikto is a web server assessment tool. It uses GHDB as one of the section when finding the vulnerabilities on the target site. Can anybody tell what is GHDB and how it is useful in finding the vulnerabilities?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Wikto is a web server assessment tool. It uses GHDB as one of the section when finding the vulnerabilities on the target site. Can anybody tell what is GHDB and how it is useful in finding the vulnerabilities?
The Google Hacking Database is a database list of queries that expose known issues with software that runs websites. There are some bugs that expose information you might not want the public reading (passwords, etc).
This isn’t hacking you understand. This is just stuff Google has picked up while browsing around sites.
But turning to the scanner, anything which relies just on what Google can see isn’t going to be very thorough for security analysis. Without looking too closely, I imaging wikto uses the patterns in the GHDB and tests them against your own site. If it finds matches, you might have a problem.
It’s not going to test for actual exploits which are a real issue and will usually leave you much more open.