Loading...
Monday, September 17, 2012

NIkto 2.1.5 - An open source web server scanner


Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
This release contains a number of important bug fixes, as well as new functionality and improvements, which have been added to the development branch over the last 19 months! 
New Features
  • Save full response on positive, plaintext & JSON
  • -maxtime maximum execution time per host (seconds)
  • -until run until specified time or duration
  • -IgnoreCode option to allow db_404_strings @CODE from the command line
  • Replay saved JSON requests with replay.pl
  • Client SSL certificate support
  • Output file name now takes '.' which will auto-generate name
  • Content parsing to add items to db_variables values for enhanced testing
  • robots.txt lines are now added to db_variables values for enhanced testing
New Checks
  • Check for wildcards in crossdomain.xml and clientaccesspolicy.xml
  • Find IPs in HTTP headers
  • Checked for sites parked at hosting providers or advertising pages
  • Parsed robots.txt now checks for listed files (for content search, etc.)
  • nikto_favicon.plugin checks for icons in <link> tags
Enhancements
  • Fix bugs/minor enhancements in: XML reports, robots.txt parsing, wildcard certificate matching, banner parsing, tons more!
  • Default to use Net::SSL instead of Net::SSLeay as a result of too many memory issues in SSLeay
  • CSV reports include the same info as other reports
  • HTML reports include more meta information
For a full list of updates, see the CHANGELOG.txt file or the list of closed tickets on assembla.com.

MD5 Checksums:
Visit Website -
Documentation-

Previous post regarding Nikto -

0 comments:

Post a Comment

 
TOP