Nikto 2.1.4

Operating systemsOS : Windows / Linux / Mac OS / BSD / Solaris
Program licensingScript Licensing : GPL - GNU General Public License
CreatedCreated : Aug 12, 2011
Size downloadDownloads : 11
Program licensing
Thank you for voting...

Nikto performs comprehensive tests against web ...

nikto by Chris Sullo and David Lodge performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
Nikto 2.1.4 is written in Perl and verifies server_config for duplicate index files, HTTP server options and installed web server software.
It provides feedback, allowing admins to have their server up to date at all time.
Most important functions of Nikto [nikto2.1.4.exe]:

• SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)

• Full HTTP proxy support

• Checks for outdated server components

• Save reports in plain text, XML, HTML, NBE or CSV

• Template engine to easily customize reports

• Scan multiple ports on a server, or multiple servers via input file (including nmap output)

• LibWhisker's IDS encoding techniques

• Easily updated via command line

• Identifies installed software via headers, favicons and files

• Host authentication with Basic and NTLM

• Subdomain guessing

• Apache and cgiwrap username enumeration

• Mutation techniques to "fish" for content on web servers

• Scan tuning to include or exclude entire classes of vulnerability checks

• Guess credentials for authorization realms (including many default id/pw combos)

• Authorization guessing handles any directory, not just the root directory

• Enhanced false positive reduction via multiple methods: headers, page content, and content hashing

• A "single" scan mode that allows you to craft an HTTP request by hand

• Reports "unusual" headers seen

• Interactive status, pause and changes to verbosity settings

• Logging to Metasploit

• Thorough documentation
News in the current Nikto - 0MB version:

• Parsing of nmap greppable output now checks any port description matching http

• Fix a potential for false positives or negatives with version matches

• Not all udb* files were loaded properly

• Server name not properly printed in update/submission output

• Variable consolidation & memory usage cleanup

• Move message on -root from notices to target host info (suggestion from YGN)

• Automatically escape invalid regexes in databases at run-time, so no dying

• Added Nikto 2.1.4_ssl. plugin to check cert's CN vs hostname

• Add basic retry on error in nfetch()

• Change how db_404_strings are used by moving where they are checked to reduce FP

• Fix missing url sent to rm_active_content during error mapping--should prevent many FPs

• Make nikto_multiple_index. plugin only look at 200 responses

Nikto 2.1.4 scripting tags: server scanner, version, multiple, server config, server security, files, servers, checks, nikto. What is new in Nikto 2.1.4 software script? - Unable to find Nikto 2.1.4 news. What is improvements are expecting? Newly-made Nikto 2.2 will be downloaded from here. You may download directly. Please write the reviews of the Nikto. License limitations are unspecified.