Nikto is a Web Server scanner that will inform you in case there is an outdated software version, if it finds some insecure or default files / directories and about some possible server misconfigurations. Nikto comes pre-installed on Kali Linux and some times it can help you find some hidden Gems on the web server you are testing. dmg file from the official website and do a normal installation like in every other application. Installation of Nmap is really simple and it does not require any typing at all. I prefer using Nmap but in some cases, like for example when you have multiple hosts to scan, Zenmap makes reading them much easier. For those who don’t like the terminal Zenmap is the perfect tool. On Mac OS Nmap comes with ZenMap, in the installation pack. Used widely, mainly because of the incredible power and flexibility it offers. Nmap is the best port scanning tool you can use and also open source. The available RAM of course is much less than the actual host and some times configuring things can be complex. Running a Virtual Machine is not as easy as running the tools in a host Operating System. For that purpose I was using Kali Linux as a Virtual Machine, mainly because all the tools are pre-installed there. I was playing with Metasploit Framework and I was using the msfvenom payload.
