Nikto is an Open Source, web server scanner which tests against web servers for multiple vulnerable items, including over 6700 potentially dangerous files. It also checks for outdated versions of over 1200 servers, and even version specific problems on over 250 servers. It will also perform configuration checks on items such as; multiple index files; HTTP server options; and will attempt to identify the installed software and server information. Updates to Nikto and its plugins are frequentd and can be automated.
Nikto is not designed to be a stealthy tool and exceptionally quick when it comes to testing a webserver. There is also support for LibWhisker’s anti-IDS (intrusion detection system) methods in case you want to give it a try.
We have successfully integrated the Nikto Scanner Online into our penetration testing tools platform.
The software is perfect for performing rapid web server vulnerability tests and assessments with its huge and constantly updated database of rogue/bad files.
You can view a selection of free penetration testing tools here.
You may also be interested in our professional penetration testing services.