Nikto 1.35
Sponsored Links
Nikto 1.35 Ranking & Summary
File size:
0.18 MB
Platform:
Any Platform
License:
GPL (GNU General Public License)
Price:
Downloads:
1413
Date added:
2006-03-03
Publisher:
CIRT.net
Nikto 1.35 description
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous CGIs/files, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and its fairly obvious in log files. However, there is support for LibWhiskers anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for items that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.
Main features:
- Uses rfps LibWhisker as a base for all network funtionality
- Main scan database in CSV format for easy updates
- Determines "OK" vs "NOT FOUND" responses for each server, if possible
- Determines CGI directories for each server, if possible
- Switch HTTP versions as needed so that the server understands requests properly
- SSL Support (Unix with OpenSSL or maybe Windows with ActiveStates Perl/NetSSL)
- Output to file in plain text, HTML or CSV
- Generic and "server type" specific checks
- Plugin support (standard PERL)
- Checks for outdated server software
- Proxy support (with authentication)
- Host authentication (Basic)
- Watches for "bogus" OK responses
- Attempts to perform educated guesses for Authentication realms
- Captures/prints any Cookies received
- Mutate mode to "go fishing" on web servers for odd items
- Builds Mutate checks based on robots.txt entries (if present)
- Scan multiple ports on a target to find web servers (can integrate nmap for speed, if available)
- Multiple IDS evasion techniques
- Users can add a custom scan database
- Supports automatic code/check updates (with web access)
- Multiple host/port scanning (scan list files)
- Username guessing plugin via the cgiwrap program and Apache ~user methods
Enhancements:
- Added -config option to specify a config file (from Pavel Kankovsky)
- Added enhanced content checking to reduce false positives (from Pavel Kankovsky)
- Added more explicit licensing to code/databases
Nikto is not designed as an overly stealthy tool. It will test a web server in the shortest timespan possible, and its fairly obvious in log files. However, there is support for LibWhiskers anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for items that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.
Main features:
- Uses rfps LibWhisker as a base for all network funtionality
- Main scan database in CSV format for easy updates
- Determines "OK" vs "NOT FOUND" responses for each server, if possible
- Determines CGI directories for each server, if possible
- Switch HTTP versions as needed so that the server understands requests properly
- SSL Support (Unix with OpenSSL or maybe Windows with ActiveStates Perl/NetSSL)
- Output to file in plain text, HTML or CSV
- Generic and "server type" specific checks
- Plugin support (standard PERL)
- Checks for outdated server software
- Proxy support (with authentication)
- Host authentication (Basic)
- Watches for "bogus" OK responses
- Attempts to perform educated guesses for Authentication realms
- Captures/prints any Cookies received
- Mutate mode to "go fishing" on web servers for odd items
- Builds Mutate checks based on robots.txt entries (if present)
- Scan multiple ports on a target to find web servers (can integrate nmap for speed, if available)
- Multiple IDS evasion techniques
- Users can add a custom scan database
- Supports automatic code/check updates (with web access)
- Multiple host/port scanning (scan list files)
- Username guessing plugin via the cgiwrap program and Apache ~user methods
Enhancements:
- Added -config option to specify a config file (from Pavel Kankovsky)
- Added enhanced content checking to reduce false positives (from Pavel Kankovsky)
- Added more explicit licensing to code/databases
Nikto 1.35 Screenshot
Nikto 1.35 Keywords
Nikto 1.35
Open Source
IDS
open source web server
web server scanner
open source web
web servers
web server
source web
Server Scanner
Nikto
web
server
items
servers
multiple
Bookmark Nikto 1.35
Nikto 1.35 Copyright
WareSeeker periodically updates pricing and software information of Nikto 1.35 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Nikto 1.35 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
open source web design
proxy servers
open source web templates
servers for client.silabsoft.org
computer servers
proxy server
open source website builder
open source web browser
open source web editor
internet servers
web proxy servers
open source web development
web server scanners
web servers websites hosts in usa
types of web servers
check the ad server
web servers examples
web server monitoring
Related Software
LibHTTPD can be used to add basic Web server capabilities to an application or embedded device. Free Download
CrunzhMonitor is a small program to check the stability of your web server. Free Download
ListenUp is a client/server solution for recording sound in a web browser, and uploading that sound to a web server using simple GUI. Web designers ca... Free Download
Hop is a new programming language designed for the Web 2.0. Free Download
mod_ruby embeds the Ruby interpreter into the Apache web server, allowing Ruby CGI scripts to be executed natively. Free Download
msn-gateway is an MSN messenger gateway for mobile phones using email and a Web server. Free Download
Qubit (Qmail Ultimate Backend Integration Tool) is a fully Web-based qmail server configuration and administration suite. Free Download
justniffer is a tcp packet sniffer. It can log network traffic in a 'standard' (web server like) or in a customized way. It can also log response times, useful for tracking network services performances (e.g. web server, application server, etc.) Free Download
Latest Software
Popular Software
Favourite Software
