Nikto2.0
( Nikto 2.00 release - にわか鯖管の苦悩日記 _| ̄|● (2007-11-12)より)
Nikto 2.0が出たそうです。久々のリリースだ。
Version 2
Nikto version 2 contains many enhancements over the first version. Some of the major new features include:
- Fingerprinting web servers via favicon.ico files
- 404 checking for each file type
- Enhanced false positive reduction via multiple methods: headers, page content, and content hashing
- Scan tuning to include or exclude entire classes of vulnerability checks
- Expanded scan database can have multiple positive or negative triggers, to allow AND/OR/NOT for flexible checks
- Uses LibWhisker 2, which has its own long list of enhancements
- A "single" scan mode that allows you to craft an HTTP request by hand
- Updated and greatly enhanced documentation
- Authorization guessing handles any directory, not just the root directory
- New HTML report
- Basic template engine so that HTML reports can be easily customized
- An experimental knowledge base for scans, which will allow regenerated reports and retests (future)
- ... and countless tweaks/bugfixes/optimizations ...