[Owasp-brazil] Fwd: [WEB SECURITY] Nikto 2 released

Rodrigo Montoro (Sp0oKeR) spooker at gmail.com
Mon Nov 12 12:26:36 EST 2007

   Sorry if you already subscribe, but I think this is of interest to everyone =).

[]z! Sp0oKeR!

---------- Forwarded message ----------
From: Sullo <sullo at cirt.net>
Date: Nov 12, 2007 3:11 PM
Subject: [WEB SECURITY] Nikto 2 released
To: websecurity at webappsec.org

Just wanted to let everyone know that Nikto 2 is finally out (after
years of dragging my feet and more than a few excuses!).

Nikto is an open source (GPL) web server scanner which performs tests
against web servers for multiple items, including over 3500
potentially dangerous files/CGIs, versions on over 900 servers, and
version specific problems on over 250 servers.

Version 2 adds a ton of enhancements, including:
- Fingerprinting web servers via favicon.ico files
- 404 error checking for each file type
- Enhanced false positive reduction via multiple methods: headers,
page content, and content hashing
- Scan tuning to include or exclude entire classes of vulnerability checks
- Uses LibWhisker 2, which has its own long list of enhancements
- A "single" scan mode that allows you to craft an HTTP request manually
- Basic template engine so that HTML reports can be easily customized
- An experimental knowledge base for scans, which will allow
regenerated reports and retests (future)
- Optimizations, bug fixes and more...

Source & info:


     Rodrigo Ribeiro Montoro
      Security Analyst
    SnortCP / RHCE / LPIC-I
