Security Dashboard
ARTICLE Nikto updated to v2.03
Monday 1 September 2008 - 486 read - ( Keywords : Application Scanner , Nikto , Vulnerability Scanner )
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updatedMajor changes :
Nikto can now take greppable nmap input directly on the command line.
Nikto can take a range of ports (e.g. 80-82).
Ports that are not open are now reported.
Nikto can now read hosts from stdin, by specifying "-host -".
HTML and XML reports don’t produce duplicates.
Allow multiple HTTP methods to work out whether the server is HTTP or not.
Fix for a nasty bug where defined variables (e.g. cgi-bin directories) are not read properly.
Updates to allow HTML output to validate properly as XHTML.
POSTSCRIPTUM
COMPLIANCE MANDATES
Application Scanner : PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2Vulnerability Scanner : PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2RELATED ARTICLES
Application Scanner,
Nikto,
Vulnerability Scanner,
3 February 2010 : Nikto v2.1.1 released19 October 2009 : Nikto v2.1.0 - released16 April 2009 : Nikto updated to 2.031 September 2008 : Nikto updated to v2.035 February 2008 : MacNikto v1.01 boosting OSX with Nikto capabilities
