Using web application scanners

Web application scanners focus primarily on detecting and identifying vulnerabilities in web servers, websites, and web applications. In your career in cybersecurity, whether as a penetration tester or a security practitioner, you may be tasked with performing some form of security audit on a target website or web server.

As a penetration tester, you need to be able to discover security misconfigurations and weaknesses on a target website and web server. An organization may contract you to perform a penetration test on its website rather than on its network, or on both. Remember that the goal of a penetration test on a target such as a website is to identify its vulnerabilities and remediate them as soon as possible, before an actual attacker is able to compromise the system and exfiltrate data.

There are many web application scanners available on the market, from commercial to free and open source; here are some of them:

  • Acunetix vulnerability scanner (commercial)
  • w3af (free)
  • Nikto (free)
  • Burp Suite (commercial and free)
  • IBM AppScan (commercial)

In the remaining sections of this chapter, we will cover various exercises using Nikto, WPScan, and Burp Suite to detect and identify security vulnerabilities on a target web server.

Let's take a deep dive into learning about Nikto in the next section.
