<![CDATA[ - Penetration Testing (Pentest)]]> https://hackmyride.com/forum/ Sat, 06 Jun 2026 05:26:37 +0000 MyBB <![CDATA[SubSeven Legacy]]> https://hackmyride.com/forum/showthread.php?tid=1613 Sat, 18 Mar 2023 21:16:18 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1613 [Image: banner.png] SubSeven Legacy

"SubSeven Legacy is a complete remake of the infamous SubSeven Backdoor (also known as Sub7), a popular remote access trojan from the late 90s. More information about the original Sub7 Backdoor can be found on the official Wikipedia page.

Like the original Sub7 program, SubSeven Legacy is entirely coded in Delphi and supports the latest version of the Delphi IDE/Compiler. However, unlike the original Sub7, SubSeven Legacy does not include any malicious features.

To preserve the old look and feel and prevent misuse, SubSeven Legacy still functions as a direct connection remote access tool and is installed as a Microsoft Windows service (which requires administrative privileges) to provide more control over the remote system.

The main goal of this project is to bring back good memories for those who, like me, grew up with such awesome projects."

Included Features:
[Image: features.png]
  • SubSeven 2.2.X branch UX theme in pure VCL/WinAPI.
  • Pure Socket API with support of latest OpenSSL version. No extra libraries / components.
  • Multi-Threaded / Concurrency.
  • File Manager (Reactive).
  • Process Manager.
  • Remote Terminal.
  • Windows Session Manager.
  • Run As / Create Process As (Windows Session Supported)
"Unfortunately, I have not had the time to update this project in recent years and it is currently considered paused/dead. I am currently very busy with other projects.
This project was made possible during my long, sleepless nights with a newborn daughter, so please be understanding if you come across any humorous or experimental elements in the code. Thank you for your understanding."


.mp4   sub7.mp4 (Size: 7.66 MB / Downloads: 2)


VCL Packages / Components

I minimized the need of external components while making this project. Only two external components are required:
Other required components (custom components) mostly for the SubSeven UX can be found in the project:
  • SubSeven Viewer UX Components (Viewer\VCL\*)
  • SubSeven Tray Components (Tray\VCL\*)
  • Common / Shared Components (Shared\VCL\*)
If you are not familiar with Delphi, installing components could be quite confusing. Basically, open each components corresponding 
.dpk files then right click on solution explorer and click install.

You must then tell Delphi Compiler where to find the source code of each components (see: https://docwiki.embarcadero.com/RADStudi...t_Packages).

⚠️ Import Notice: The latest version of Delphi now supports HDPI for the IDE. However, when working with the SubSeven project, it is recommended to use the Delphi IDE in non-HDPI mode. The HDPI IDE is known to cause issues and negatively impact the user experience of the SubSeven project. To open and compile the project, simply disable HDPI mode in the Delphi IDE.

Screen Shots of the Viewer

Main Window (Viewer)
[Image: main.png]


Main Window (Certificate Information)
[Image: main-key.png]


Remote Terminal Concurrency
[Image: terminal.png]


Remote File Browser Concurrency + Reactive[Image: files.png]


Remote Process List
[Image: process.png]


SubSeven Art Gallery
[Image: art.png]]]> [Image: banner.png] SubSeven Legacy

"SubSeven Legacy is a complete remake of the infamous SubSeven Backdoor (also known as Sub7), a popular remote access trojan from the late 90s. More information about the original Sub7 Backdoor can be found on the official Wikipedia page.

Like the original Sub7 program, SubSeven Legacy is entirely coded in Delphi and supports the latest version of the Delphi IDE/Compiler. However, unlike the original Sub7, SubSeven Legacy does not include any malicious features.

To preserve the old look and feel and prevent misuse, SubSeven Legacy still functions as a direct connection remote access tool and is installed as a Microsoft Windows service (which requires administrative privileges) to provide more control over the remote system.

The main goal of this project is to bring back good memories for those who, like me, grew up with such awesome projects."

Included Features:
[Image: features.png]
  • SubSeven 2.2.X branch UX theme in pure VCL/WinAPI.
  • Pure Socket API with support of latest OpenSSL version. No extra libraries / components.
  • Multi-Threaded / Concurrency.
  • File Manager (Reactive).
  • Process Manager.
  • Remote Terminal.
  • Windows Session Manager.
  • Run As / Create Process As (Windows Session Supported)
"Unfortunately, I have not had the time to update this project in recent years and it is currently considered paused/dead. I am currently very busy with other projects.
This project was made possible during my long, sleepless nights with a newborn daughter, so please be understanding if you come across any humorous or experimental elements in the code. Thank you for your understanding."


.mp4   sub7.mp4 (Size: 7.66 MB / Downloads: 2)


VCL Packages / Components

I minimized the need of external components while making this project. Only two external components are required:
Other required components (custom components) mostly for the SubSeven UX can be found in the project:
  • SubSeven Viewer UX Components (Viewer\VCL\*)
  • SubSeven Tray Components (Tray\VCL\*)
  • Common / Shared Components (Shared\VCL\*)
If you are not familiar with Delphi, installing components could be quite confusing. Basically, open each components corresponding 
.dpk files then right click on solution explorer and click install.

You must then tell Delphi Compiler where to find the source code of each components (see: https://docwiki.embarcadero.com/RADStudi...t_Packages).

⚠️ Import Notice: The latest version of Delphi now supports HDPI for the IDE. However, when working with the SubSeven project, it is recommended to use the Delphi IDE in non-HDPI mode. The HDPI IDE is known to cause issues and negatively impact the user experience of the SubSeven project. To open and compile the project, simply disable HDPI mode in the Delphi IDE.

Screen Shots of the Viewer

Main Window (Viewer)
[Image: main.png]


Main Window (Certificate Information)
[Image: main-key.png]


Remote Terminal Concurrency
[Image: terminal.png]


Remote File Browser Concurrency + Reactive[Image: files.png]


Remote Process List
[Image: process.png]


SubSeven Art Gallery
[Image: art.png]]]> <![CDATA[CIH (Chernobyl)]]> https://hackmyride.com/forum/showthread.php?tid=1612 Sat, 18 Mar 2023 21:02:49 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1612 CIH (Chernobyl)

CIH (also known as Chernobyl) was created in 1998 by Chen Ing-hau, a student at Tatung University in Taiwan. It affects only older Windows 9x (95, 98, Me) operating systems.
[/url]This program and its source files are only for educational purposes. Do not execute this program if you don't know what it does.

[url=https://github.com/onx/CIH#references]References

Clone
HTTPS
Code:
https://github.com/onx/CIH.git

SSH
Code:
git@github.com:onx/CIH.git

GitHub CLI
Code:
gh repo clone onx/CIH

     Open with GitHub Desktop 

     Download ZIP 

Use Git or checkout with SVN using the web URL.
[*]Open with GitHub Desktop
[*]Download ZIP]]> CIH (Chernobyl)

CIH (also known as Chernobyl) was created in 1998 by Chen Ing-hau, a student at Tatung University in Taiwan. It affects only older Windows 9x (95, 98, Me) operating systems.
[/url]This program and its source files are only for educational purposes. Do not execute this program if you don't know what it does.

[url=https://github.com/onx/CIH#references]References

Clone
HTTPS
Code:
https://github.com/onx/CIH.git

SSH
Code:
git@github.com:onx/CIH.git

GitHub CLI
Code:
gh repo clone onx/CIH

     Open with GitHub Desktop 

     Download ZIP 

Use Git or checkout with SVN using the web URL.
[*]Open with GitHub Desktop
[*]Download ZIP]]> <![CDATA[Aircrack-ng 1.7]]> https://hackmyride.com/forum/showthread.php?tid=1611 Sat, 18 Mar 2023 20:53:54 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1611 Aircrack-ng 1.7

Description
Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
  • Monitoring: Packet capture and export of data to text files for further processing by third party tools
  • Attacking: Replay attacks, deauthentication, fake access points and others via packet injection
  • Testing: Checking WiFi cards and driver capabilities (capture and injection)
  • Cracking: WEP and WPA PSK (WPA 1 and 2)

All tools are command line which allows for heavy scripting. A lot of GUIs have taken advantage of this feature. It works primarily on Linux but also Windows, macOS, FreeBSD, OpenBSD, NetBSD, as well as Solaris and even eComStation 2.


Downloads
Sources
  • Aircrack-ng 1.7
    SHA1: bd43a35281c9c81d958b95aa76b4404c29f904ff
    MD5: a918ea7146f91d8c799fb770c38f4bec
Binaries
  • Aircrack-ng 1.7 (Windows)
    SHA1: 872ef4f731080626d7cee893ef42c8f630ce90cd
    MD5: 37af71e78813e897297cca59cc0f70b7

    Important information:
    This version requires you to develop your own DLLs to link aircrack-ng to your wireless card (it will not work without).
    The required DLLs are not provided in the download and there will be no support for them.
  • Linux packages can be found here.
Previous versions
  • Previous versions of Aircrack-ng can be found here.
  • A backup of the original versions (from Christophe Devine) are available here.
Sample files
  • test.ivs - This is a 128 bit WEP key file. The key is AE:5B:7F:3A:03:D0:AF:9B:F6:8D:A5:E2:C7.
  • ptw.cap - This is a 64 bit WEP key file suitable for the PTW method. The key is 1F:1F:1F:1F:1F.
Changelog ]]> Aircrack-ng 1.7

Description
Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
  • Monitoring: Packet capture and export of data to text files for further processing by third party tools
  • Attacking: Replay attacks, deauthentication, fake access points and others via packet injection
  • Testing: Checking WiFi cards and driver capabilities (capture and injection)
  • Cracking: WEP and WPA PSK (WPA 1 and 2)

All tools are command line which allows for heavy scripting. A lot of GUIs have taken advantage of this feature. It works primarily on Linux but also Windows, macOS, FreeBSD, OpenBSD, NetBSD, as well as Solaris and even eComStation 2.


Downloads
Sources
  • Aircrack-ng 1.7
    SHA1: bd43a35281c9c81d958b95aa76b4404c29f904ff
    MD5: a918ea7146f91d8c799fb770c38f4bec
Binaries
  • Aircrack-ng 1.7 (Windows)
    SHA1: 872ef4f731080626d7cee893ef42c8f630ce90cd
    MD5: 37af71e78813e897297cca59cc0f70b7

    Important information:
    This version requires you to develop your own DLLs to link aircrack-ng to your wireless card (it will not work without).
    The required DLLs are not provided in the download and there will be no support for them.
  • Linux packages can be found here.
Previous versions
  • Previous versions of Aircrack-ng can be found here.
  • A backup of the original versions (from Christophe Devine) are available here.
Sample files
  • test.ivs - This is a 128 bit WEP key file. The key is AE:5B:7F:3A:03:D0:AF:9B:F6:8D:A5:E2:C7.
  • ptw.cap - This is a 64 bit WEP key file suitable for the PTW method. The key is 1F:1F:1F:1F:1F.
Changelog ]]> <![CDATA[NetStumbler 0.4.0 Build 554]]> https://hackmyride.com/forum/showthread.php?tid=1610 Sat, 18 Mar 2023 20:44:39 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1610 NetStumbler 0.4.0 Build 554

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
  • Verify that your network is set up the way you intended.
  • Find locations with poor coverage in your WLAN.
  • Detect other networks that might be causing interference with your network.
  • Detect unauthorized "rogue" access points in your workplace.
  • Help aim directional antennas for long-haul WLAN links.
  • Use it recreationally for WarDriving.


.rar   netstumblerinstaller_0_4_0.rar (Size: 1.23 MB / Downloads: 0) ]]> NetStumbler 0.4.0 Build 554

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
  • Verify that your network is set up the way you intended.
  • Find locations with poor coverage in your WLAN.
  • Detect other networks that might be causing interference with your network.
  • Detect unauthorized "rogue" access points in your workplace.
  • Help aim directional antennas for long-haul WLAN links.
  • Use it recreationally for WarDriving.


.rar   netstumblerinstaller_0_4_0.rar (Size: 1.23 MB / Downloads: 0) ]]> <![CDATA[Kismet]]> https://hackmyride.com/forum/showthread.php?tid=1605 Sat, 18 Mar 2023 20:15:16 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1605 Downloads
Kismet and related projects primary download page

Kismet Packages
You can get packages for the latest Kismet code for many distributions from the Kismet package repositories.

Kismet 2022-08-R1 [/url]
The latest stable Kismet release is 2022-08-R1
Initial introduction of 6e 6GHz support
Significant memory improvements
Significant performance improvements in dense environments

Read the full release announcement here.

Download the kismet-2022-08-R1 source tarball here, or check out the tagged release from the Git repository.

If you’re interested in the absolute latest development Kismet code, check out the git code, below.

Kismet git 
Kismet uses git for code management; code under development is in the 
master branch of the git repository, and the development of new features happens here.

While the development code may be unstable, generally it is quite usable, and may offer features and bug fixes which haven’t made it into a release version yet.

To get the latest code prior to release, check out the git master branch:

Code:
git clone https://www.kismetwireless.net/git/kismet.git



or to checkout from the Github mirror:

Code:
git clonehttps://github.com/kismetwireless/kismet.git



You can browse the development code via Github here

Nightly packages are also available, which are built for many distributions from the 
master branch of git.


Kismet documentation 

The Kismet documentation (in markdown/kramdown format used to generate the documentation for the website) is available as part of its own repository. This repository is linked as a sub-module in the Kismet git tree, or is available stand-alone at:

Code:
git clone https://www.kismetwireless.net/git/kismet-docs.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/kismet-docs.git


Kismet Python modules 
Kismet has several Python modules which help when scripting against the Kismet server or Kismet data; these modules are being spun into their own repositories for easier inclusion in PyPy and similar.

py-kismetdb database module 
A utility Python module for processing the Kismetdb log file format and extracting devices, packets, messages, and the other data stored therein.

Code:
git clone https://www.kismetwireless.net/git/python-kismet-db.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-db.git


py-kismetrest module 
A utility python module for interacting with the Kismet REST endpoints

Code:
git clone https://www.kismetwireless.net/git/python-kismet-rest.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-rest.git


py-kismetexternal module 
A utility python module for creating Kismet datasources and external-helper plugins

Code:
git clone https://www.kismetwireless.net/git/python-kismet-external.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-external.git


Spectools 
Spectools development code can be found in the spectools git at:

Code:
git clone https://www.kismetwireless.net/git/spectools.git


or you can download the Spectools-2016-01-R1 code release here

Android PCAP [url=https://www.kismetwireless.net/download/#a-nameandroid-pcap-gitaandroid-pcap]
Android PCAP was an experiment in porting a Wi-Fi USB driver from Linux to the Android USB API; while funcitonal, this targets only a very old version of an old driver, and an old version of Android, making the code likely of academic interest only.

Code:
git clone https://www.kismetwireless.net/git/android-pcap.git
]]> Downloads
Kismet and related projects primary download page

Kismet Packages
You can get packages for the latest Kismet code for many distributions from the Kismet package repositories.

Kismet 2022-08-R1 [/url]
The latest stable Kismet release is 2022-08-R1
Initial introduction of 6e 6GHz support
Significant memory improvements
Significant performance improvements in dense environments

Read the full release announcement here.

Download the kismet-2022-08-R1 source tarball here, or check out the tagged release from the Git repository.

If you’re interested in the absolute latest development Kismet code, check out the git code, below.

Kismet git 
Kismet uses git for code management; code under development is in the 
master branch of the git repository, and the development of new features happens here.

While the development code may be unstable, generally it is quite usable, and may offer features and bug fixes which haven’t made it into a release version yet.

To get the latest code prior to release, check out the git master branch:

Code:
git clone https://www.kismetwireless.net/git/kismet.git



or to checkout from the Github mirror:

Code:
git clonehttps://github.com/kismetwireless/kismet.git



You can browse the development code via Github here

Nightly packages are also available, which are built for many distributions from the 
master branch of git.


Kismet documentation 

The Kismet documentation (in markdown/kramdown format used to generate the documentation for the website) is available as part of its own repository. This repository is linked as a sub-module in the Kismet git tree, or is available stand-alone at:

Code:
git clone https://www.kismetwireless.net/git/kismet-docs.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/kismet-docs.git


Kismet Python modules 
Kismet has several Python modules which help when scripting against the Kismet server or Kismet data; these modules are being spun into their own repositories for easier inclusion in PyPy and similar.

py-kismetdb database module 
A utility Python module for processing the Kismetdb log file format and extracting devices, packets, messages, and the other data stored therein.

Code:
git clone https://www.kismetwireless.net/git/python-kismet-db.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-db.git


py-kismetrest module 
A utility python module for interacting with the Kismet REST endpoints

Code:
git clone https://www.kismetwireless.net/git/python-kismet-rest.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-rest.git


py-kismetexternal module 
A utility python module for creating Kismet datasources and external-helper plugins

Code:
git clone https://www.kismetwireless.net/git/python-kismet-external.git


or the Github mirror:

Code:
git clone https://github.com/kismetwireless/python-kismet-external.git


Spectools 
Spectools development code can be found in the spectools git at:

Code:
git clone https://www.kismetwireless.net/git/spectools.git


or you can download the Spectools-2016-01-R1 code release here

Android PCAP [url=https://www.kismetwireless.net/download/#a-nameandroid-pcap-gitaandroid-pcap]
Android PCAP was an experiment in porting a Wi-Fi USB driver from Linux to the Android USB API; while funcitonal, this targets only a very old version of an old driver, and an old version of Android, making the code likely of academic interest only.

Code:
git clone https://www.kismetwireless.net/git/android-pcap.git
]]> <![CDATA[DAVTest]]> https://hackmyride.com/forum/showthread.php?tid=1604 Sat, 18 Mar 2023 17:51:59 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1604 DAVTest

DavTest 1.0:   https://github.com/sullo/davtest

DAVTest tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target. It is meant for penetration testers to quickly and easily determine if enabled DAV services are exploitable.

DAVTest supports:
  • Automatically sending of exploit files
  • Automatic randomization of directory to help hide files
  • Send text files and try MOVE to executable name
  • Basic and Digest authorization
  • Automatic clean-up of uploaded files
  • Send an arbitrary file

DAVTest enables the pentester to quickly determine if a host is vulnerable and then gain access to that host. DAVTest tries to upload test files of various extension types (e.g., ".php" or ".txt"), checks if those files were uploaded successfully, and then if they can execute on the server. It also allows for uploading of the files as plain text files and then trying to use the MOVE command to rename them to an executable.

Assuming you can upload an executable, a test file does you no good--so DAVTest can automatically upload a fully functional shell or back-door. It ships with shells for PHP, ASP, ASPX, CFM, JSP, CGI, and PL, and dropping a file in the right directory will let you upload any back-door you like.]]> DAVTest

DavTest 1.0:   https://github.com/sullo/davtest

DAVTest tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target. It is meant for penetration testers to quickly and easily determine if enabled DAV services are exploitable.

DAVTest supports:
  • Automatically sending of exploit files
  • Automatic randomization of directory to help hide files
  • Send text files and try MOVE to executable name
  • Basic and Digest authorization
  • Automatic clean-up of uploaded files
  • Send an arbitrary file

DAVTest enables the pentester to quickly determine if a host is vulnerable and then gain access to that host. DAVTest tries to upload test files of various extension types (e.g., ".php" or ".txt"), checks if those files were uploaded successfully, and then if they can execute on the server. It also allows for uploading of the files as plain text files and then trying to use the MOVE command to rename them to an executable.

Assuming you can upload an executable, a test file does you no good--so DAVTest can automatically upload a fully functional shell or back-door. It ships with shells for PHP, ASP, ASPX, CFM, JSP, CGI, and PL, and dropping a file in the right directory will let you upload any back-door you like.]]> <![CDATA[Nikto2 Web Server Scanner]]> https://hackmyride.com/forum/showthread.php?tid=1602 Sat, 18 Mar 2023 17:40:28 -0500 HackMaster]]> https://hackmyride.com/forum/showthread.php?tid=1602 Nikto2

Install (recommended): Run from a git repo -  https://github.com/sullo/nikto
Download: Latest GitHub Release (zip)

Nikto is sponsored by Netsparker, a dead accurate and easy to use web application security solution.
Click here to get a demo of Netsparker

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is not designed as a stealthy tool. It will test a web server in the quickest time possible, and is obvious in log files or to an IPS/IDS. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for things that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.

Features
Here are some of the major features of Nikto. See the documentation for a full list of features and how to use them.
  • SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's
    Perl/NetSSL)
  • Full HTTP proxy support
  • Checks for outdated server components
  • Save reports in plain text, XML, HTML, NBE or CSV
  • Template engine to easily customize reports
  • Scan multiple ports on a server, or multiple servers via input file (including nmap output)
  • LibWhisker's IDS encoding techniques
  • Easily updated via command line
  • Identifies installed software via headers, favicons and files
  • Host authentication with Basic and NTLM
  • Subdomain guessing
  • Apache and cgiwrap username enumeration
  • Mutation techniques to "fish" for content on web servers
  • Scan tuning to include or exclude entire classes of vulnerability
    checks
  • Guess credentials for authorization realms (including many default id/pw combos)
  • Authorization guessing handles any directory, not just the root
    directory
  • Enhanced false positive reduction via multiple methods: headers,
    page content, and content hashing
  • Reports "unusual" headers seen
  • Interactive status, pause and changes to verbosity settings
  • Save full request/response for positive tests
  • Replay saved positive requests
  • Maximum execution time per target
  • Auto-pause at a specified time
  • Checks for common "parking" sites
  • Thorough documentation


[Image: nikto.png]]]> Nikto2

Install (recommended): Run from a git repo -  https://github.com/sullo/nikto
Download: Latest GitHub Release (zip)

Nikto is sponsored by Netsparker, a dead accurate and easy to use web application security solution.
Click here to get a demo of Netsparker

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is not designed as a stealthy tool. It will test a web server in the quickest time possible, and is obvious in log files or to an IPS/IDS. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are "info only" type checks that look for things that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.

Features
Here are some of the major features of Nikto. See the documentation for a full list of features and how to use them.
  • SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's
    Perl/NetSSL)
  • Full HTTP proxy support
  • Checks for outdated server components
  • Save reports in plain text, XML, HTML, NBE or CSV
  • Template engine to easily customize reports
  • Scan multiple ports on a server, or multiple servers via input file (including nmap output)
  • LibWhisker's IDS encoding techniques
  • Easily updated via command line
  • Identifies installed software via headers, favicons and files
  • Host authentication with Basic and NTLM
  • Subdomain guessing
  • Apache and cgiwrap username enumeration
  • Mutation techniques to "fish" for content on web servers
  • Scan tuning to include or exclude entire classes of vulnerability
    checks
  • Guess credentials for authorization realms (including many default id/pw combos)
  • Authorization guessing handles any directory, not just the root
    directory
  • Enhanced false positive reduction via multiple methods: headers,
    page content, and content hashing
  • Reports "unusual" headers seen
  • Interactive status, pause and changes to verbosity settings
  • Save full request/response for positive tests
  • Replay saved positive requests
  • Maximum execution time per target
  • Auto-pause at a specified time
  • Checks for common "parking" sites
  • Thorough documentation


[Image: nikto.png]]]>