The purpose of this test is to find open ports and identify the services running on them, such as databases or administrative interfaces. Useful tools will be here – nmap port and service scanner and security scanner of web applications Nikto. The image below shows the result of scanning the tested application with Nmap, which managed to locate 15 open ports.
Figure. Nmap scan result. Source: [Own study]
The graphic below shows the result of the scan with Nikto,which noted the lack of basic security headers such as X-Frame-Options or X-XSS-Protection.
Figure. The result of the scan with Nikto. Source: [Own study]