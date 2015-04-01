

Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.



Nikto is not designed as a stealthy tool. It will test a web server in the quickest time possible and is obvious in log files or to an IPS/IDS. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
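To make the anti-IDS point concrete, here is an added illustration (not Nikto's or LibWhisker's code) of how a few of the evasion techniques Nikto's evasion option exposes mangle a request path, paired with the canonicalisation a detection engine must perform before signature matching. The technique numbers follow Nikto's documented option list; the byte sequences are simplified renderings of each idea, not LibWhisker's exact output, and the sample path is constructed for the demonstration.

```python
"""Simplified LibWhisker-style evasions applied to a request path, plus the
normaliser that undoes them. Added example, not Nikto or LibWhisker code."""
import random
from urllib.parse import unquote


def random_uri_encoding(path, rng):
    """Technique 1: percent-encode a random subset of the letters and digits.
    The server decodes %XX before routing, so the resource is unchanged while
    a naive substring signature on the raw request no longer matches."""
    return "".join(
        "%%%02X" % ord(c) if c.isalnum() and rng.random() < 0.5 else c
        for c in path
    )


def directory_self_reference(path):
    """Technique 2: rewrite every '/' as '/./'."""
    return path.replace("/", "/./")


def premature_url_ending(path):
    """Technique 3 (simplified): prefix a bogus segment containing an encoded
    'HTTP/1.1<CRLF>' so a parser that stops at the first request-line
    terminator believes the URL ended, then climb back out with '..'."""
    return "/%20HTTP/1.1%0D%0AAccept%3A%20x/../.." + path


def prepend_random_string(path, rng, length=64):
    """Technique 4: a long random segment that '..' immediately removes."""
    junk = "".join(rng.choice("abcdefghijklmnopqrstuvwxyz") for _ in range(length))
    return "/" + junk + "/.." + path


def fake_parameter(path, rng):
    """Technique 5 (simplified): a throwaway query parameter."""
    name = "".join(rng.choice("abcdefghijklmnopqrstuvwxyz") for _ in range(8))
    return path + "?" + name + "=1"


def change_case(path):
    """Technique 7: flip letter case. Only an evasion against case-insensitive
    targets (IIS on Windows); on most Unix servers it requests a different
    resource, which is why Nikto leaves this to the operator."""
    return path.swapcase()


def normalize(raw):
    """Canonicalise a request target the way a detection engine should before
    matching: strip the query, percent-decode until stable (bounded, so
    %2525... chains cannot loop forever), resolve '.' and '..', drop empty
    segments and fold case. Case folding is itself a trade-off: it conflates
    distinct resources on case-sensitive servers."""
    target = raw.split("?", 1)[0]
    for _ in range(3):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    out = []
    for seg in target.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()
            continue
        out.append(seg)
    return "/" + "/".join(out).lower()


def apply_evasions(path, seed=1):
    """Return {technique: evaded request target} for one path."""
    rng = random.Random(seed)  # seeded so the output is reproducible
    return {
        "1 random URI encoding": random_uri_encoding(path, rng),
        "2 directory self-reference": directory_self_reference(path),
        "3 premature URL ending": premature_url_ending(path),
        "4 prepend random string": prepend_random_string(path, rng),
        "5 fake parameter": fake_parameter(path, rng),
        "7 change case": change_case(path),
    }


def all_normalize_to(path, evaded):
    """True when every evaded form canonicalises back to the original path."""
    canonical = normalize(path)
    return all(normalize(v) == canonical for v in evaded.values())


if __name__ == "__main__":
    PATH = "/cgi-bin/test-cgi"  # constructed sample path, in the style of a Nikto file check
    evaded = apply_evasions(PATH)
    for name, target in evaded.items():
        print(f"{name:28s} GET {target}")
    print("all normalise to", normalize(PATH), all_normalize_to(PATH, evaded))
```

Run it and compare the raw request lines against the normalised result: that gap is exactly what a signature written against the literal string `/cgi-bin/test-cgi` misses, and bounded decoding plus dot-segment resolution is the minimum a sensor needs before it can match.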





Not every check is a security problem, though most are. Some items are "info only" checks that look for things which may not be a security flaw but which the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the output. There are also some checks for unknown items that have been observed being scanned for in log files.





Features:

SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)

Full HTTP proxy support

Checks for outdated server components

Save reports in plain text, XML, HTML, NBE or CSV

Template engine to easily customize reports

Scan multiple ports on a server, or multiple servers via input file (including nmap output)

LibWhisker's IDS encoding techniques

Easily updated via command line

Identifies installed software via headers, favicons and files

Host authentication with Basic and NTLM

Subdomain guessing

Apache and cgiwrap username enumeration

Mutation techniques to "fish" for content on web servers

Scan tuning to include or exclude entire classes of vulnerability checks

Guess credentials for authorization realms (including many default id/pw combos)

Authorization guessing handles any directory, not just the root directory

Enhanced false positive reduction via multiple methods: headers, page content, and content hashing

Reports "unusual" headers seen

Interactive status, pause and changes to verbosity settings

Save full request/response for positive tests

Replay saved positive requests

Maximum execution time per target

Auto-pause at a specified time

Checks for common "parking" sites

Logging to Metasploit

Thorough documentation
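The feature list mentions scanning multiple servers from an input file, including nmap output. Nikto can consume nmap output directly; the added example below (not Nikto's code) shows the step a practitioner usually wants in between: parsing nmap's greppable (-oG) format and keeping only the listeners that look like web services, so the scan does not spend time on SSH or SMTP ports. Two things here are assumptions rather than facts from this page: that Nikto's host file takes one host:port per line, and the set of ports and service names treated as "web". The nmap output is a constructed sample.

```python
"""Turn nmap -oG output into a host:port list for Nikto. Added example, not
part of Nikto. Assumes (not stated on the page) that Nikto's -h host file
accepts one "host:port" per line."""
import ipaddress
import re

# Constructed sample of nmap greppable output. Each port entry has the form
# port/state/protocol/owner/service/rpc-info/version/ and entries are
# separated by ", "; fields on a Host line are separated by tabs.
SAMPLE_NMAP_OG = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 10.0.0.0/29
Host: 10.0.0.1 (gw.example.test)\tStatus: Up
Host: 10.0.0.1 (gw.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx 1.18.0/, 443/open/tcp//ssl|https//nginx 1.18.0/\tIgnored State: closed (997)
Host: 10.0.0.2 ()\tPorts: 25/open/tcp//smtp//Postfix/, 8080/open/tcp//http-proxy//Apache httpd 2.4.52/, 8443/filtered/tcp//https-alt///\tIgnored State: closed (997)
Host: 10.0.0.3 ()\tPorts: 3000/open/tcp//ppp?///
# Nmap done
"""

# Ports scanned even when nmap could not name the service (assumed list).
WEB_PORTS = {80, 443, 8000, 8008, 8080, 8443, 8888}


def parse_greppable(text):
    """Yield (ip, port, service, version) for every open TCP port in -oG text."""
    for line in text.splitlines():
        m = re.match(r"Host:\s+(\S+)\s+\(", line)
        if not m:
            continue  # comment lines and anything that is not a Host record
        ip = m.group(1)
        ports_field = next(
            (f for f in line.split("\t") if f.startswith("Ports: ")), None
        )
        if ports_field is None:
            continue  # "Status: Up" records carry no port data
        for entry in ports_field[len("Ports: "):].split(", "):
            # maxsplit keeps a version string containing '/' intact
            parts = entry.split("/", 6)
            if len(parts) < 7:
                continue
            port, state, proto, _owner, service, _rpc, rest = parts
            if state != "open" or proto != "tcp":
                continue
            yield ip, int(port), service, rest.rstrip("/")


def nikto_targets(text, web_ports=WEB_PORTS):
    """Return sorted 'ip:port' lines for listeners that look like web services:
    the service name contains 'http' (covers http, https, ssl|https,
    http-proxy, https-alt) or the port is in web_ports."""
    targets = set()
    for ip, port, service, _version in parse_greppable(text):
        if port in web_ports or "http" in service.lower():
            targets.add((ip, port))
    ordered = sorted(
        targets,
        key=lambda t: (ipaddress.ip_address(t[0]).version,
                       ipaddress.ip_address(t[0]), t[1]),
    )
    return [f"{ip}:{port}" for ip, port in ordered]


if __name__ == "__main__":
    # Redirect this output to a file and pass that file to Nikto's -h option.
    for line in nikto_targets(SAMPLE_NMAP_OG):
        print(line)
```

Note what the filter drops: the filtered 8443 port (no point scanning what the firewall already blocks) and port 3000, where nmap could only guess "ppp?". Unidentified ports are worth a manual look before being excluded, since a development web server on an odd port is exactly the kind of thing Nikto's default-file checks are for; add such ports to the port set rather than widening the service match.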

Basic Usage: