Chapter 4. Writing Plug-ins for the Nikto Vulnerability Scanner
Nikto is one of a number of open source security tools available
to consultants and administrators. Nikto is a web server scanner, but
it can also be used as a CGI scanner. Its purpose is to conduct a
series of tests against a web server and to report known
vulnerabilities in the server and its applications. The Nikto program
is Perl code written and maintained by Chris Sullo. Nikto is regarded
as the best in its class, which has earned it the number 16 spot in
Fyodor's annual "Top Security
Tools" survey, and it is mentioned in numerous books
and articles. This chapter will give you an overview of the tool and
explain how to extend it by writing your own code in the form of
plug-ins and plug-in database entries.