Nikto2.0

(From "Nikto 2.00 release" - にわか鯖管の苦悩日記 _| ̄|● (2007-11-12))

Apparently Nikto 2.0 is out. It's the first release in a long while.

Version 2

Nikto version 2 contains many enhancements over the first version. Some of the major new features include:

  • Fingerprinting web servers via favicon.ico files
  • 404 checking for each file type
  • Enhanced false positive reduction via multiple methods: headers, page content, and content hashing
  • Scan tuning to include or exclude entire classes of vulnerability checks
  • Expanded scan database can have multiple positive or negative triggers, to allow AND/OR/NOT for flexible checks
  • Uses LibWhisker 2, which has its own long list of enhancements
  • A "single" scan mode that allows you to craft an HTTP request by hand
  • Updated and greatly enhanced documentation
  • Authorization guessing handles any directory, not just the root directory
  • New HTML report
  • Basic template engine so that HTML reports can be easily customized
  • An experimental knowledge base for scans, which will allow regenerated reports and retests (future)
  • ... and countless tweaks/bugfixes/optimizations ...
