Hey everyone,

I wanted to share my experience running a website scan using Kali Linux and get some feedback or suggestions from others who do similar testing.

I spun up Kali and used a few of the standard tools to evaluate the security posture of a client website (with permission, of course). Here’s a quick breakdown of what I did:

Tools Used:

• nmap – for port scanning and service detection
• nikto – quick web server vulnerability scan
• dirb – brute-force directory and file discovery
• whatweb – to fingerprint the web technologies in use
• gobuster – for faster directory brute-forcing
• wpscan – since it’s a WordPress site
• sslscan / sslyze – to check SSL/TLS configurations

Sample Command Highlights:

bash

nmap -sV -T4 targetsite.com nikto -h https://targetsite.com gobuster dir -u https://targetsite.com -w /usr/share/wordlists/dirb/common.txt wpscan --url https://targetsite.com --enumerate p

Findings:

• SSL settings need hardening (e.g., TLS 1.0 still enabled)
• Admin panel was accessible without IP restrictions
• Outdated WordPress plugins detected
• Some hidden directories exposed via gobuster

Next Steps:
I’m drafting a formal report now, but I’d love any advice on:

• Additional tools I should be using for deeper inspection
• Best ways to validate false positives
• Open-source tools for automated report generation from scan outputs

Let me know what your typical workflow looks like, or any newer tools you’ve added to your Kali setup.

Cheers!
—Joseph