Nikto 2.1.1 available!

I'm happy to announce the immediate availability of Nikto 2.1.1!

Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, checks for outdated versions of over 950 servers, and version specific problems on over 260 servers.

In addition to bug fixes, 2.1.1 contains some new functionality, including:

  • New remote file inclusion (RFI) testing
  • Over 2300 new RFI tests (courtesy RSnake/OSVDB)
  • Sending of each test ID in the User-Agent

Nikto 2.1.0 release

It's final time to stop procrastinating: Nikto 2.1.0 is here!

This version has gone through significant rewrites under the hood to how Nikto works, to make it more expandable and usable. Changes include:

  • Rewrite to the plugin engine allowing more control of the plugin structure and making it easier to add plugins

  • Rewrite to the reporting engine allowing reporting plugins to cover more and also ensuring that output is written if Nikto is quit before finishing

Nikto 2.02 Available

Nikto 2.02 is now available!

This release adds the major new feature of XML reports, and several other new enhancements and fixes, including:

  • XML reports & DTD, thanks to Jabra
  • cleaned up HTML reports, thanks to Jabra
  • unique IDs for all checks, to help automated tracking of vulns
  • Apache Expect header XSS plugin
  • updated documentation
  • ...and various bug fixes

Announcing: Nikto 1.36

Nikto 1.36 is now available for general release. It is recommended that all users upgrade from previous versions, as this fixes a number of bugs which could impact scans.

Check out the change log for more info.