Linux SoftwareSystemNetworkingNikto 1.35

Nikto 1.35


Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over
Developer:   CIRT.net
      more software by author →
Price:  0.00
License:   GPL (GNU General Public License)
File size:   188K
Language:   
OS:   
Rating:   0 /5 (0 votes)
Your vote:  
enlarge screenshot


Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous CGIs/files, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and it's fairly obvious in log files. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).

Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for items that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.

Here are some key features of "Nikto":
  • Uses rfp's LibWhisker as a base for all network funtionality
  • Main scan database in CSV format for easy updates
  • Determines "OK" vs "NOT FOUND" responses for each server, if possible
  • Determines CGI directories for each server, if possible
  • Switch HTTP versions as needed so that the server understands requests properly
  • SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)
  • Output to file in plain text, HTML or CSV
  • Generic and "server type" specific checks
  • Plugin support (standard PERL)
  • Checks for outdated server software
  • Proxy support (with authentication)
  • Host authentication (Basic)
  • Watches for "bogus" OK responses
  • Attempts to perform educated guesses for Authentication realms
  • Captures/prints any Cookies received
  • Mutate mode to "go fishing" on web servers for odd items
  • Builds Mutate checks based on robots.txt entries (if present)
  • Scan multiple ports on a target to find web servers (can integrate nmap for speed, if available)
  • Multiple IDS evasion techniques
  • Users can add a custom scan database
  • Supports automatic code/check updates (with web access)
  • Multiple host/port scanning (scan list files)
  • Username guessing plugin via the cgiwrap program and Apache ~user methods

    What's New in This Release:
  • Added -config option to specify a config file (from Pavel Kankovsky)
  • Added enhanced content checking to reduce false positives (from Pavel Kankovsky)
  • Added more explicit licensing to code/databases
    tags web servers  for each  scan database  each server  pavel kankovsky  kankovsky added  checks for  from pavel  may not  log files  servers for  there are  are some  

    Download Nikto 1.35


     http://www.cirt.net/nikto/nikto-current.tar.gz


    Authors software

    Nikto 1.35 (by CIRT.net)
    Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over


    Similar software

    Nikto 1.35 (by CIRT.net)
    Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over

    Template::Tutorial 2.15 (by Andy Wardley)
    Template::Tutorial are template toolkit tutorials.

    This section includes tutorials on using the Template Toolkit

    Simple scAnning Tool 1.2 (by azurIt)
    Simple scAnning Tool is a simple and fast network scanner

    Network Security Analysis Tool 1.5 (by mixter)
    Network Security Analysis Tool is a fast, stable bulk security scanner designed to audit remote network services and check for versio

    MathML::Entities 0.13 (by Jacques Distler)
    MathML::Entities is a Perl module that can convert XHTML+MathML Named Entities to Numeric Character References.

    SYNOPSIS

    use M

    PBNJ 2.04 (by Joshua D. Abraham)
    PBNJ is a network tool that can be used to give an overview of a machine or multiple machines which includes the details about the se

    MoSSHe 1.3.11 (by Volker Tanger)
    MoSSHe (MOnitoring with SSH Environment) is a simple, lightweight (both in size and system requirements) server monitoring package de

    Nessus 2.2.9 (by Tenable Network Security)
    Nessus project is the world's most popular open-source vulnerability scanner used in

    AntiVirus Scanner 0.8.5 (by Tara Milana, Wolfpack Entertainment)
    AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav).

    AntiVirus Scanner allow

    The EDDIE Tool 0.35 (by Chris Miles)
    The EDDIE Tool is a system monitoring, security and performance analysis agent developed entirely in Python


    Other software in this category

    Nmap 4.20 (by Fyodor)
    Nmap is a utility for network exploration or security auditing

    iptables 1.3.7 (by Harald Welte)
    iptables and netfilter are building blocks of a framework inside the Linux 2.4.x and 2.6.x kernel

    Linux Bandwidth Arbitrator 9.62 (by astormchaser)
    Linux Bandwidth Arbitrator allows beginning-to-advanced network administrators to control bandwidth

    Ettercap 0.7.3 (by ALoR NaGA)
    Ettercap is a network sniffer/interceptor/logger for ethernet LANs

    rdesktop 1.5.0 (by matthewc)
    rdesktop is an open source client for Windows NT Terminal Server and Windows 2000/2003 Terminal Services, capable of natively speakin

  •     search


    Featured Software

    jEdit 4.3 pre8
    jEdit is an Open Source text editor written in Java

    Opera 9.02
    Surf the Internet in a safer, faster, and easier way with Opera browser

    GNU Aspell 0.60.4
    GNU Aspell is a Free and Open Source spell checker designed to eventually replace Ispell


    Subscribe in Rojo
    Google Reader
    Add to My Yahoo!

    Add to My AOL
    Subscribe with Bloglines
    Subscribe in NewsGator Online
    Add 'nixbit linux software' to Newsburst from CNET News.com
    del.icio.us nixbit linux software


    Top tags