Nikto is an Open Source (
GPL)
web server scanner which scans your webserver against more than 6500 potentially
dangerous files/CGIs, checks for outdated versions of over 1250 servers,
and version specific problems on over 270 servers. It has a very good
plugin support
What Nikto can do.
SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's
Perl/NetSSL)
Full HTTP proxy support
Checks for outdated server components
Save reports in plain text, XML, HTML, NBE or CSV
Template engine to easily customize reports
Scan multiple ports on a server, or multiple servers via input file (including nmap output)
LibWhisker's IDS encoding techniques
Easily updated via command line
Identifies installed software via headers, favicons and files
Host authentication with Basic and NTLM
Subdomain guessing
Apache and cgiwrap username enumeration
Mutation techniques to "fish" for content on web servers
Scan tuning to include or exclude entire classes of vulnerability
checks
Guess credentials for authorization realms (including many default id/pw combos)
Authorization guessing handles any directory, not just the root
directory
Enhanced false positive reduction via multiple methods: headers,
page content, and content hashing
Reports "unusual" headers seen
Interactive status, pause and changes to verbosity settings
Save full request/response for positive tests
Replay saved positive requests
Maximum execution time per target
Auto-pause at a specified time
Checks for common "parking" sites
Logging to Metasploit
Thorough documentation
Official site
To install in ubuntu / debian
$ sudo apt-get install nikto
Full installation of nikto will offer lot of options
$ nikto will give the list of options
For simple test
$ sudo nikto -h www.yoursite.com
output will we like this
abc@abc-desktop:~$ sudo nikto -h www.xxxx.com
- Nikto v2.1.4
---------------------------------------------------------------------------
+ Target IP: 202.18.233.233
+ Target Hostname: www.abcx.com
+ Target Port: 80
+ Start Time: 2013-10-32 08:29:09
---------------------------------------------------------------------------
+ Server: Apache/2.2.22 (Debian)
+ Retrieved x-powered-by header: PHP/5.4.4-14+deb7u5
+ Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+
OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used
for debugging and should be disabled. This message does not mean it is
vulnerable to XST.
+ OSVDB-0: ETag header found on server, inode: 3965147, size: 2857, mtime: 0x433a88acc26c0
+ PHP/5.2.6-1+lenny3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_perl/2.0.4 appears to be outdated (current is at least 5.8)