Nikto 2.5.0 has now been released!
Please Note: Breaking changes to JSON and XML output may have occurred. If you rely on these formats please test before upgrading.
The Nikto 2.5.0 version contains hundreds of updates over several years, including the highlights below.
- IPv6 support (thanks to @richardleach)
- Updated db_checks format uses multiple reference
- Hundreds of OSVDB and BID references replaced
- Removal of some very old and false-positive prone tests
- Decode Netscaler cookies (thanks to @canberkpolat)
- Add -usecookies flag to send received cookies with subsequent requests
- Add -followredirects flag to signal 3xx responses should be fetched and tested
- Add -noslash to remove trailing slash from directories
- Check for indexing on redirect paths
- Alert on alt-svc header
- Hundreds of bug fixes, test updates and enhancements, and other optimization changes
You can start using Nikto 2.5.0 by performing a git pull from the master branch, cloning the repository again, or downloading the zip file.
To fix pull issues, try this fix suggested by @digininja
git fetch --all && git reset --hard origin/master
As always, if you encounter bugs or problems, please open an issue