Nikto is a PERL, open source web server scanner which supports SSL. It checks for (and if possible attempts to exploit) remote web
server vulnerabilities and misconfigurations.

Some of the features features:
- CSV format check database for easy updates
- Easy, "automatic" check database update through the tool itself
- Full scan support through proxy (with authentication)
- Supports Basic Auth to target host
- Checks for installed software versions (and Apache modules) and looks for outdated software
- Warns of any version specific problems for software (and Apache modules)
- SSL Support (on Unix with OpenSSL installed or Windows with ActiveState's Perl/NetSSL)
- Output to file in plain text or HTML
- Generic and "server type" specific checks
- Plugin support (standard PERL) for easy growth
- Watches for "bogus" OK responses
- Captures/prints cookies received

More Info: http://www.cirt.net/code/nikto.shtml
Source: http://www.cirt.net/source/nikto-current.tar.gz

This release should still be considered a somewhat of a "test" release, though it seems to be "bug free". Please see the read-me for any
known issues. I'm very interested in comments, suggestions & the like.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]