Vulnerability assessment
Server-side attacks are exploiting and finding vulnerabilities in services, ports, and applications running on a server. For example, a web server has several attack vectors. It is a server running an operating system and running various pieces of software to provide web functionality. It has many open TCP ports. Each one of these vectors could harvest a vulnerability that an attacker could exploit to get into the system and obtain valuable information. Many protocols on servers are handled through readable non-encrypted text.
Let's take a look at some tools available in Kali for identifying vulnerabilities on servers.
Webshag
Webshag is a multi-threaded, multi-platform tool used to audit web servers. Webshag gathers commonly useful functionalities for web servers such as port scanning, URL scanning and file fuzzing. It can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (basic or digest). In addition, Webshag can use IDS...
