Overview
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. (https://cirt.net/nikto2-docs/index.html)
Nikto Product Configurations
The following are the most popular Nikto configurations provided by ZeroNorth:
- Nikto-full-web (-port 80,443) - this scan will run comprehensive tests against your web server via ports 80 and 443.
- Nikto-full (-Tuning 9 -port 80,443) - this scan will run comprehensive tests against your web server via ports 80 and 443. The Tuning option 9 additionally tries SQL Injection checks.
Activating a Nikto Scenario
To use Nikto via ZeroNorth, you must first “activate” a Nikto Scenario. As an open-source tool, the use of Nikto via the ZeroNorth platform has no added cost, and requires no special server installation.
To activate a Nikto Scenario:
- Sign in to the ZeroNorth web UI at https://fabric.zeronorth.io.
- Go to zn ADM > Scenarios.
- Locate the Product “Nikto”.
- Click on the +Add Scenario button to the bottom right of the Product.
- In the subsequent Scenario details panel, select the desired Product Configuration (e.g. one of the ones described above).
- Provide or edit the Name of the Scenario.
- Click Save.
The Nikto Scenario is now ready for use in a Policy.