Articles, books & references

Using Nikto with Nessus (Video)

Paul over at Tenable Security Podcast has put together a concise video on how to integrate Nikto directly into Nessus. Definitely worth watching if you're trying to get that set up.

Seccubus 1.5 with Nikto support

Seccubus automates regular vulnerability scans and provides delta reporting. On 8/1, the project released version 1.5 "The DefCon Edition." This version includes support for controlling Nikto through Seccubus directly, leveraging the NBE report format which Frank Breedijk (Seccubus' author) wrote and released with the 2.1.2 version of Nikto.

In addition to working with Seccubus, Frank's NBE report format should allow for easy Nikto integration into any program which supports Nessus imports.

Nikto 2.5

Install (recommended): Run from a git repo -
Download: Latest GitHub Release (zip)

Nikto is sponsored by Netsparker, a dead accurate and easy to use web application security solution.

Nikto Award for Best IT Security Tools for 2009

Nikto has won a "Best IT Security Tools for 2009" award in the open source category for application scanners. The award is a testament to the great work Dave has done in 2009 to keep Nikto updated, accurate and relevant even as the web changes at lightning speed.

Running Nikto via Nessus

Michel Arboi and Brian Martin have written a long post on Tenable's blog detailing exactly how to get Nessus to run Nikto automatically. This has been a question that's come up time and again on the mailing lists, so hopefully this will help everyone out.

Related Projects

These projects are related to Nikto, or incorporate/use the Nikto databases in some fashion.

  • Nikto::Parser - A Perl module for reading and parsing Nikto's XML output.
  • SCRT Webshag - Webshag is a multi-threaded, multi-platform web server audit tool written in Python. Webshag incorporates the Nikto scan database.