Nikto

Finds various default and insecure files, configurations and programs.

Nikto Ranking & Summary

  • License: GPL
  • Publisher Name: CIRT, Inc.
  • Operating Systems: Mac OS X/Unix/Linux
  • File Size: 484KB

Nikto Description

Nikto is security software developed by CIRT, Inc. After our trial and test, the software has proved to be official, secure and free. Here is the official description for Nikto:

Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

Nikto is PERL software designed to find many types of web server problems, including:

  • Server and software misconfigurations
  • Default files and programs
  • Insecure files and programs
  • Outdated servers and programs

Nikto is built on LibWhisker and can run on any platform which has a PERL runtime, and supports SSL, proxies, host authentication, IDS evasion and more. It can be updated automatically from the command line, and supports the optional submission of updated version data back to the maintainers.

Features

  • Uses rfp's LibWhisker as a base for all network functionality
  • Main scan database in CSV format for easy updates
  • Fingerprints servers via favicon.ico files
  • Determines "OK" vs "NOT FOUND" responses for file type, if possible
  • Determines CGI directories for each server, if possible
  • Switches HTTP versions as needed so that the server understands requests properly
  • SSL support (Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)
  • Output to file in plain text, HTML or CSV
  • Plugin support (standard PERL)
  • Checks for outdated server software
  • Proxy support (with authentication)
  • Host authentication (Basic)
  • Watches for "bogus" OK responses
  • Attempts to perform educated guesses for authentication realms
  • Captures/prints any cookies received
  • Mutate mode to "go fishing" on web servers for odd items
  • Builds Mutate checks based on robots.txt entries (if present)
  • Scans multiple ports on a target to find web servers (can integrate Nmap for speed, if available)
  • Multiple IDS evasion techniques
  • Users can add a custom scan database
  • Supports automatic code/check updates (with web access)
  • Multiple host/port scanning (scan list files)
  • Username guessing plugin via the cgiwrap program and Apache ~user methods

