Nikto

Nikto

Category: Vulnerability Scanners
Website: http://www.cirt.net/code/nikto.shtml
Manufacturer: CIRT
Operating System: Unix/Linux

6
Security Threat Rating

Description:
Nikto is a web-server scanner that looks for many typed of vulnerabilities especially dangerous CGI scripts. It was built on top of Whisker and claims to find more vulnerability types. This is hard to verify, however, especially given that Whisker has many public libraries written for it. A perl library, LibWhisker, is included making it possible to modify or extend Nikto if you have Perl expertise. Scanning employs character encoding to make it unseen by most IDS solutions; however it makes no other efforts to be stealthy.

Strengths:
   · Hard to detect
   · Easily modified if you know perl
   · Many libraries available to add new scans
   · Free and open source
   · Scan db is in CSV format

Weaknesses:
· No UI
· Confusing array of cmd line switches

Target:
Webservers

Mitigation/Recommendation:
Ensure no dangerous CGI scripts are enabled on your web server. Use Whisker or any other CGI scanner (eg. Nikto) to get a jump on the problem. Read http://www.w3.org/Security/Faq/wwwsf4.html

Price:
Free

Penetration (9):
High

Simplicity (4-6):
Mmoderate - advanced Requires moderate skill to start a scan and know what to scan for. Requires more advanced skill to interpret the results and know what to do with them. Modification and writing of custom scans requires security expertise as well as a knowledge of perl

Damage Potential (3):
Low Mostly data gathering, however a proper script could be damaging to a server