Vulnerability scanning tool: nikto
2017-04-05 18:25
nikto
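nikto is a tool that scans a specified host for security issues: web server type, host name, specific directories, cookies, specific CGI vulnerabilities, XSS vulnerabilities and SQL vulnerabilities. It also reports the HTTP methods the host allows.
1. Download nikto
http://www.cirt.net/nikto2
2. Download ActivePerl, the interpreter for .pl files. If it comes as an archive rather than an installer, set the environment variable for perl.exe yourself.
http://www.activestate.com/store/download.aspx?prdGUID=81fbce82-6bd5-49bc-a915-08d58c2648ca
3. Set the environment variable for nikto.pl.
Add it to PATH.
4. Usage examples
Enter the command at the command line to produce a results document; in the second example this is output.html.
nikto.pl -h x.x.x.x -p 80,8080 -o report.log
This specifies the IP, the ports and the output file.
nikto.pl -h www.baidu.com -F html -o output.html
5. Common options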
| Option | Value | Description |
| --- | --- | --- |
| -ask+ | yes | Ask about each |
| | no | Do not ask, do not send |
| | auto | Do not ask, but send |
| -Cgidirs+ | | Scan these CGI dirs: "none", "all", or values like "/cgi/ /cgi-a/" |
| -Display+ | 1 | Show redirects |
| | 2 | Show cookies received |
| | 3 | Show all 200/OK responses |
| | 4 | Show URLs which require authentication |
| | D | Debug output |
| | E | Display all HTTP errors |
| | P | Print progress to STDOUT |
| | S | Scrub output of IPs and hostnames |
| | V | Verbose output |
| -dbcheck | | Check database and key files for syntax errors (appears to check only the local databases) |
| -evasion+ | | Use LibWhisker's IDS evasion techniques |
| | 1 | Random URI encoding (non-UTF8) |
| | 2 | Directory self-reference (/./) |
| | 3 | Premature URL ending (fake end of request) |
| | 4 | Prepend long random string |
| | 5 | Fake parameter (parameter hiding) |
| | 6 | TAB as request spacer |
| | 7 | Change the case of the URL |
| | 8 | Use Windows directory separator (\) in place of / |
| | A | Use a carriage return (0x0d) as a request spacer (session reassembly) |
| | B | Use binary value 0x0b as a request spacer |
| -Format+ | csv | |
| | json | |
| | HTML | |
| | nbe | Nessus NBE format |
| | sql | Generic SQL |
| | txt | Plain text |
| | xml | XML format |
| -Help | | Extended help information |
| -host+ | | Target host, e.g. 10.84.62.238 |
| -404code | | Ignore these HTTP codes as negative responses (always). Format is "301,302" |
| -id+ | | Host authentication to use: ID and password for HTTP authentication. Format is id:pass or id:pass:realm |
| -key+ | | Client certificate key file |
| -list-plugins | | List all available plugins, perform no testing |
| -maxtime+ | | Maximum testing time per host (e.g., 1h, 60m, 3600s) |
| -mutate+ | | Mutation (guessing) techniques |
| | 1 | Test all files with all root directories |
| | 2 | Guess for password file names |
| | 3 | Enumerate user names via Apache (/~user type requests) |
| | 4 | Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests) |
| | 5 | Attempt to brute force sub-domain names, assuming that the host name is the parent domain |
| | 6 | Attempt to guess directory names from the supplied dictionary file |
| -mutate-options | | Provide information for mutates |
| -nointeractive | | Disables interactive features |
| -nolookup | | Disables DNS lookups |
| -nossl | | Disables nikto attempting to guess a 404 page |
| -Option | | Override an option in nikto.conf; can be issued multiple times |
| -output+ | | Write output to this file ('.' for auto-name) |
| -Pause+ | | Pause between tests (seconds, integer or float) |
| -Plugins+ | | List of plugins to run (default: ALL) |
| -port+ | | Port to use (default 80), e.g. -port 80,8080,443 |
| -RSAcert+ | | Client certificate file |
| -root+ | | Prepend root value to all requests; format is /directory |
| -Save | | Save positive responses to this directory ('.' for auto-name) |
| -ssl | | Force SSL mode on port |
| -Tuning+ | 1 | Interesting File / Seen in logs |
| | 2 | Misconfiguration / Default File |
| | 3 | Information Disclosure |
| | 4 | Injection (XSS/Script/HTML) |
| | 5 | Remote File Retrieval - Inside Web Root |
| | 6 | Denial of Service |
| | 7 | Remote File Retrieval - Server Wide |
| | 8 | Code Execution / Remote Shell |
| | 9 | SQL Injection |
| | 0 | File Upload |
| | a | Authentication Bypass |
| | b | Software Identification |
| | c | Remote Source Inclusion |
| | d | WebService |
| | e | Administrative Console |
| | x | Reverse Tuning Options (i.e., include all except specified) |
| -timeout+ | | Timeout for requests (default 10 seconds) |
| -Userdbs | all | Load only user databases, not the standard databases |
| | tests | Disable only db_tests and udb_tests |
| -useragent | | Overrides the default useragent |
| -until | | Run until the specified time or duration |
| -update | | Update databases and plugins from CIRT.net |
| -useproxy | | Use the proxy defined in nikto.conf, or argument http://server:port |
| -Version | | Print plugins and database version |
| -vhost+ | | Virtual host (for Host header) |

Options marked with + require a value.
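Added example, not part of the original post: a small Python wrapper that builds the nikto command line from the options listed above, refusing targets outside an authorized scope and rejecting values the table does not list. The scope range, the function name `build_nikto_argv`, the IP-only target rule, the defaults and the `perl nikto.pl` invocation (nikto.pl in the current directory) are assumptions.

```python
import ipaddress

# Assumption: the ranges you are authorized to scan (constructed sample value).
AUTHORIZED_SCOPE = [ipaddress.ip_network("192.0.2.0/24")]
# Allowed values, taken from the -Tuning and -Format rows of the table above.
TUNING_CODES = set("1234567890abcdex")
FORMATS = {"csv", "json", "html", "nbe", "sql", "txt", "xml"}


def build_nikto_argv(host, ports=(80,), tuning="", fmt="txt",
                     output="report.txt", maxtime="30m"):
    """Return an argv list for nikto.pl, or raise ValueError."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Host names are refused so the scope check cannot be sidestepped by DNS.
        raise ValueError("target must be an IP address: %r" % host) from None
    if not any(addr in net for net in AUTHORIZED_SCOPE):
        raise ValueError("%s is outside the authorized scope" % addr)
    ports = [int(p) for p in ports]
    if not ports or any(not 1 <= p <= 65535 for p in ports):
        raise ValueError("invalid port list")
    unknown = set(tuning) - TUNING_CODES
    if unknown:
        raise ValueError("unknown -Tuning codes: " + "".join(sorted(unknown)))
    if fmt not in FORMATS:
        raise ValueError("unknown -Format value: %s" % fmt)
    # -maxtime bounds the run; -nointeractive suits unattended, scheduled scans.
    argv = ["perl", "nikto.pl", "-h", str(addr),
            "-p", ",".join(str(p) for p in ports),
            "-Format", fmt, "-o", output,
            "-maxtime", maxtime, "-nointeractive"]
    if tuning:
        argv += ["-Tuning", tuning]
    return argv


if __name__ == "__main__":
    argv = build_nikto_argv("192.0.2.10", ports=(80, 8080), tuning="23b",
                            fmt="html", output="output.html")
    print(" ".join(argv))
    # Run with subprocess.run(argv, check=True); passing a list avoids shell quoting.
```
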