nikto-list
A wrapper around nikto with support for multiple targets. Nikto is web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.
Details
Category: Scanners
Publisher: trickest-mhmdiaa
Created Date: 8/31/2022
Container: quay.io/trickest/nikto-list:dc98b86-patch-2
Source URL: https://github.com/sullo/nikto
Parameters
port
string
Command:
-port - Port to use (default 80)proxy
string
Command:
-useproxy - Use the proxy defined in nikto.conf, or argument http://server:portuntil
string
Command:
-until - Run until the specified time or durationvhost
string
Command:
-vhost - Virtual host (for Host header)format
string
Command:
-Format - Output file format (Options: csv, html, nbe, txt, xml)mutate
string
Command:
-mutate - Guess additional file namesno-404
boolean
Command:
-no404 - Disables nikto attempting to guess a 404 pageno-ssl
boolean
Command:
-nossl - Disables the use of SSLdbcheck
boolean
Command:
-dbcheck - Check database and other key files for syntax errorsdisplay
string
Command:
-Display - Turn on/off display outputs (options: 1, 2, 3, 4, D, E, P, S, V)maxtime
string
Command:
-maxtime - Maximum testing time per host (e.g., 1h, 60m, 3600s)timeout
string
Command:
-timeout - Timeout for requests (default 10 seconds)userdbs
string
Command:
-Userdbs - Load only user databases, not the standard databasescgi-dirs
string
Command:
-Cgidirs - Scan these CGI dirs: none, all, or values like /cgi/ /cgi-a/nolookup
boolean
Command:
-nolookup - Disables DNS lookupsrsa-cert
file
Command:
-RSAcert - Client certificate fileforce-ssl
boolean
Command:
-ssl - Force ssl mode on porthost-list
file
requiredCommand:
IgnoreCode
string
Command:
-IgnoreCode - Ignore Codes--treat as negative responsesuse-config
file
Command:
-config - Use this config fileuser-agent
string
Command:
-useragent - Over-rides the default useragentscan-tuning
string
Command:
-Tuning - Scan tuning:mutate-options
string
Command:
-mutate-options - Provide information for mutatesroot-directory
string
Command:
-root - Prepend root value to all requests, format is /directoryclient-cert-key
file
Command:
-key - Client certificate key fileevasion-technique
string
Command:
-evasion - Encoding techniquehost-authentication
string
Command:
-id - Host authentication to use, format is id:pass or id:pass:realm