Monday, February 25, 2013

Nikto - Web server scanner

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.
It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.
Scan items and plugins are frequently updated and can be automatically updated.
You can find nikto here
Syntax : nikto options
Options:
-host : target host
-id : host authentication to use, format is id:pass or id:pass:realm
-maxtime : Maximum testing time per host
-mutate : Guess additional file names:
1 : Test all files with all root directories
2 : Guess for password file names
3 : Enumerate user names via Apache (/~user type requests)
4 : Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)
5 : Attempt to brute force sub-domain names, assume that the host name is the parent domain
6 : Attempt to guess directory names from the supplied dictionary file
-nointeractive : Disables interactive features
-nolookup : Disables DNS lookups
-nossl : Disables the use of SSL
-no404 : Disables nikto attempting to guess a 404 page
-output path : Write output to this file ('.' for auto-name)
-port : Port to use (default 80)
-ssl : Force ssl mode on port
-Tuning : Scan tuning :
1 : Interesting File / Seen in logs
2 : Misconfiguration / Default File
3 : Information Disclosure
4 : Injection (XSS/Script/HTML)
5 : Remote File Retrieval - Inside Web Root
6 : DoS
7 : Remote File Retrieval - Server Wide
8 : Command Execution / Remote Shell
9 : SQL Injection
0 : File upload
a : Authentication Bypass
b : Software Identification
c : Remote Source Inclusion
x : Reverse Tuning Options (i.e., include all except specified)
-timeout : Timeout for requests (default 10s)
-useproxy : Use the proxy defined in nikto.conf

Example :
nikto -host www.site.com -maxtime 600 -port 80 -nossl -output /home/HackForLulz/result
Target : www.site.com
Max time scan : 600
Port : 80
ssl : No
Output : /home/HackForLulz/result

nikto -host www.site.com -maxtime 1200 -port 80 -ssl -Tuning 9 -output /home/HackForLulz/result
Target : www.site.com
Max time scan : 1200
Port : 80
ssl : Yes
Scan tuning : SQL Injection (9)
Output : /home/HackForLulz/result

nikto -host www.site.com -port 443 -ssl -Tuning 129 -output /home/HackForLulz/result
Target : www.site.com
Port : 443
ssl : Yes
Scan tuning : Interesting File (1), Misconfiguration / Default File (2), SQL Injection (9)
Output : /home/HackForLulz/result

For more information about nikto type : nikto -H

If you have a problem or you need some explanations just write under this post!
