Nikto is an open source dynamic web server scanner that performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, outdated versions of over 1250 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and will attempt to identify installed web servers and software.
| Security Stage | DAST (Dynamic Analysis) |
| Type | OpenSource |
| Frameworks | Any |
| Site | https://github.com/sullo/nikto/wiki |

| 1 | You'll need a URL to scan |
Adding Nikto to your set of dynamic security tests involves adding the tool to your ToolKit, along with any configuration you want to specify. Your version configuration will be set up for dynamic testing. Go to the dynamic documentation page to see how to set this up for any dynamic testing.
To add the Nikto2 security tool:
Now any time you click 'Test Now' and choose the ToolKit you added Nikto2 to, or make a request over the Uleska API or CLI and include that ToolKit, the Nikto2 tool will be included in the test run and any results added to your vulnerabilities list.
Notes
Currently, most of the Nikto2 command line flags are supported by the adaptor. If you find any further flags you wish to have included, please contact Uleska.