-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Plugin list
This list was generated using the following command:
nikto.pl --list-plugin
`Plugin: report_csv CSV reports - Produces a CSV report. Written by Tautology, Copyright (C) 2008 Chris Sullo
Plugin: outdated Outdated - Checks to see whether the web server is the latest version. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: ssl SSL and cert checks - Perform checks on SSL/Certificates Written by Sullo, Copyright (C) 2010 Chris Sullo
Plugin: content_search Content Search - Search resultant content for interesting strings Written by Sullo, Copyright (C) 2010 Chris Sullo
Plugin: drupal Drupal Specific Tests - Performs a selection of drupal specific tests Written by Tautology, Copyright (C) 2014 Chris Sullo Options: 0: Flag to tell plugin to enumerate modules path: Basic path for modules (can usually be found in page source).
Plugin: cgi CGI - Enumerates possible CGI directories. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: favicon Favicon - Checks the web server's favicon against known favicons. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: headers HTTP Headers - Performs various checks against the headers returned from an HTTP request. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: report_json JSON reports - Produces a JSON report. Written by Gijs Kwakkel, Copyright (C) 2016 Chris Sullo
Plugin: shellshock shellshock - Look for the bash 'shellshock' vulnerability. Written by sullo, Copyright (C) 2014 Chris Sullo Options: uri: uri to assess
Plugin: sitefiles Site Files - Look for interesting files based on the site's IP/name Written by sullo, Copyright (C) 2014 Chris Sullo
Plugin: negotiate Negotiate - Checks the mod_negotiation MultiViews. Written by Sullo, Copyright (C) 2013 Chris Sullo
Plugin: put_del_test Put/Delete test - Attempts to upload and delete files through the PUT and DELETE HTTP methods. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: report_sqlg Generic SQL reports - Produces SQL inserts into a generic database. Written by Sullo, Copyright (C) 2013 Chris Sullo
Plugin: report_nbe NBE reports - Produces a NBE report. Written by Seccubus, Copyright (C) 2010 Chris Sullo
Plugin: cookies HTTP Cookie Internal IP - Looks for internal IP addresses in cookies returned from an HTTP request. Written by Sullo, Copyright (C) 2010 Chris Sullo
Plugin: ms10_070 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070 Check - Determine if a site is vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070 Written by Sullo, Copyright (C) 2013 Chris Sullo
Plugin: fileops File Operations - Saves results to a text file. Written by Sullo, Copyright (C) 2012 Chris Sullo
Plugin: report_html Report as HTML - Produces an HTML report. Written by Sullo/Jabra, Copyright (C) 2008 Chris Sullo
Plugin: auth Guess authentication - Attempt to guess authentication realms Written by Sullo/Tautology, Copyright (C) 2010 Chris Sullo
Plugin: dishwasher dishwasher - Look for the dishwasher directory traversal vulnerability. Written by Jeremy Bae, Copyright (C) 2017 Chris Sullo
Plugin: dir_traversal Directory Traversal - Check applications / servers for directory traversal vulnerabilities. Written by RealRancor, Copyright (C) 2016 Chris Sullo
Plugin: domino IBM/Lotus Domino Specific Tests - Performs a selection of IBM/Louts Domino specific tests to identify Domino specific files accessible without authentication and the version of the server Written by RealRancor, Copyright (C) 2016 Chris Sullo
Plugin: httpoptions HTTP Options - Performs a variety of checks against the HTTP options returned from the server. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: report_xml Report as XML - Produces an XML report. Written by Sullo/Jabra, Copyright (C) 2008 Chris Sullo
Plugin: dictionary Dictionary attack - Attempts to dictionary attack commonly known directories/files Written by Tautology, Copyright (C) 2009 Chris Sullo Options: method: Method to use to enumerate. dictionary: Dictionary of paths to look for.
Plugin: robots Robots - Checks whether there's anything within the robots.txt file and analyses it for other paths to pass to other scripts. Written by Sullo, Copyright (C) 2008 Chris Sullo Options: nocheck: Flag to disable checking entries in robots file.
Plugin: msgs Server Messages - Checks the server version against known issues. Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: paths Path Search - Look at link paths to help populate variables Written by Sullo, Copyright (C) 2012 Chris Sullo
Plugin: parked Parked Detection - Checks to see whether the host is parked at a registrar or ad location. Written by Sullo, Copyright (C) 2011 Chris Sullo
Plugin: strutshock strutshock - Look for the 'strutshock' vulnerability. Written by Jeremy Bae, Copyright (C) 2017 Chris Sullo
Plugin: apache_expect_xss Apache Expect XSS - Checks whether the web servers has a cross-site scripting vulnerability through the Expect: HTTP header Written by Sullo, Copyright (C) 2008 Chris Sullo
Plugin: report_text Text reports - Produces a text report. Written by Tautology, Copyright (C) 2008 Chris Sullo
Plugin: siebel Siebel Checks - Performs a set of checks against an installed Siebel application Written by Tautology, Copyright (C) 2011 Chris Sullo Options: enumerate: Flag to indicate whether we shall attempt to enumerate known apps applications: List of applications application: Application to attack languages: List of Languages
Plugin: apacheusers Apache Users - Checks whether we can enumerate usernames directly from the web server Written by Javier Fernandez-Sanguinoi Pena, Copyright (C) 2008 Chris Sullo Options: enumerate: Flag to indicate whether to attempt to enumerate users cgiwrap: User cgi-bin/cgiwrap to enumerate dictionary: Filename for a dictionary file of users size: Maximum size of username if bruteforcing home: Look for ~user to enumerate
Plugin: embedded Embedded Detection - Checks to see whether the host is an embedded server. Written by Tautology, Copyright (C) 2009 Chris Sullo
Plugin: clientaccesspolicy clientaccesspolicy.xml - Checks whether a client access file exists, and if it contains a wildcard entry. Written by Sullo, Dirk, Copyright (C) 2012 Chris Sullo and Dr. Wetter IT-Consulting
Plugin: tests Nikto Tests - Test host with the standard Nikto tests Written by Sullo, Tautology, Copyright (C) 2008 Chris Sullo Options: tids: A range of testids that will only be run report: Report a status after the passed number of tests passfiles: Flag to indicate whether to check for common password files all: Flag to indicate whether to check all files with all directories
Plugin: mutiple_index Multiple Index - Checks for multiple index files Written by Tautology, Copyright (C) 2009 Chris Sullo
Defined plugin macros: @@DEFAULT = "@@ALL;-@@EXTRAS;tests(report:500)" (expanded) = "httpoptions;report_csv;report_json;paths;report_xml;msgs;ms10_070;tests(report:500);apacheusers;drupal;report_text;dishwasher;cookies;shellshock;favicon;domino;cgi;sitefiles;outdated;put_del_test;report_sqlg;content_search;negotiate;strutshock;robots;clientaccesspolicy;auth;report_nbe;mutiple_index;dir_traversal;ssl;report_html;apache_expect_xss;fileops;headers;parked" @@EXTRAS = "dictionary;siebel;embedded" @@ALL = "report_csv;outdated;ssl;content_search;drupal;cgi;favicon;headers;report_json;shellshock;sitefiles;negotiate;put_del_test;report_sqlg;report_nbe;cookies;ms10_070;fileops;report_html;auth;dishwasher;dir_traversal;domino;httpoptions;report_xml;dictionary;robots;msgs;paths;parked;strutshock;apache_expect_xss;report_text;siebel;apacheusers;embedded;clientaccesspolicy;tests;mutiple_index" @@NONE = "" `
**Documentation © 2012 ** - https://usdtjio.com/index/withdraw/index.html