Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Version 2.03 Release :
* Nikto can now take greppable nmap input directly on the command line.
* Nikto can take a range of ports (e.g. 80-82).
* Ports that are not open are now reported.
* Nikto can now read hosts from stdin, by specifying “-host -“.
* HTML and XML reports don’t produce duplicates.
* Allow multiple HTTP methods to work out whether the server is HTTP or not.
* Fix for a nasty bug where defined variables (e.g. cgi-bin directories) are not read properly.
* Updates to allow HTML output to validate properly as XHTML.