Hello,
I'm going to introduce a little Linux tool which, as its name suggests, nikto... Right, after that more-than-rotten joke, let me present it to you :wink:
It simply lets you see what is hosted on a site...
wget http://www.cirt.net/nikto/nikto-current.tar.gz
tar xzvf nikto-current.tar.gz
cd nikto-1.35 (if it's the same version)
or
apt-get install nikto
For those who used apt-get, it's simple:
nikto -h 'ip' -p 80
For those who used tar xzvf:
perl nikto.pl -h 'ip' -p 80
A small addition listing all of nikto's options (in English, too lazy to translate, I'll do it later, but I think you'll understand easily):
-Cgidirs
Optionally force the CGI directories to scan. Valid values are 'none' to not check any, 'all' to force scan all
CGI directories (like the deprecated -allcgi), or a value to use as the CGI directory, i.e. '/cgi/'.
-cookies
Print out the cookie names and values that were received during the scan.
-evasion
IDS evasion techniques. This enables the intrusion detection evasion in LibWhisker. Multiple options
can be used by stringing the numbers together, i.e. to enable methods 1 and 5, use "-e 15". The valid
options are (use the number preceding each description):
1 Random URI encoding (non-UTF8)
2 Add directory self-reference /./
3 Premature URL ending
4 Prepend long random string to request
5 Fake parameters to files
6 TAB as request spacer instead of spaces
7 Random case sensitivity
8 Use Windows directory separator \ instead of /
9 Session splicing
See the LibWhisker source for more information, or http://www.wiretrip.net/
-findonly
Use port scan to find valid HTTP and HTTPS ports only, but do not perform checks against them.
-Format
Output format for the file specified with the -output option. Valid formats are:
HTM - HTML output format.
TXT - Text output format. This is the default if -F is not specified.
CSV - Comma Separated Value format.
-generic
Force full scan rather than trusting the "Server:" identification string, as many servers allow this
to be changed.
-host
Target host(s) to check against. This can be an IP address or hostname, or a file of IPs or hostnames.
If this argument is a file, it should be formatted as described below. This is the only required option.
-id
HTTP Authentication use, format is userid:password for authorizing Nikto a web server realm. For NTLM
realms, format is id:password:realm.
-mutate
Mutate checks. This causes Nikto to put all files with all directories from the .db files and
scan the host. You might find some oddities this way. Note that it generates a lot of checks.
-nolookup
Don't perform a host name lookup.
-output
Write output to this file when complete. Format is text unless specified via -Format.
-port
Port number to scan, defaults to port 80 if missing. This can also be a range or list of ports, which
Nikto will check for web servers. If a web server is found, it will perform a full scan unless the
-f option is used.
-root
Always prepend this to requests, i.e., changes a request of "/password.txt" to "/directory/password.txt"
(assuming the value passed on the CLI was "/directory")
-ssl
Force SSL mode on port(s) listed. Note that Nikto attempts to determine if a port is HTTP or HTTPS
automatically, but this can be slow if the server fails to respond or is slow to respond to the
incorrect one. This sets SSL usage for *all* hosts and ports.
-timeout
Timeout for each request, default is 10 seconds
-useproxy
Use the proxy defined in config.txt for all requests
-vhost
Virtual host to use for the "Host:" header, in case it is different from the target.
-Version
Print version numbers of Nikto, all plugins and all databases.
For the rest:
Code:
-dbcheck
This option will check the syntax of the checks in the scan_database.db and user_scan_database.db files. This
is really only useful if you are adding checks or are having problems.
-debug
Print a huge amount of detail out. In most cases this is going to be more information than you need, so
try -verbose first.
-update
This will connect to cirt.net and download updated scan_database.db and plugin files. Use this with
caution as you are downloading files--perhaps including code--from an "untrusted" source. This option
cannot be combined with any other, but required variables (like the PROXY settings) will be loaded
from the config.txt file.
-verbose
Print out a lot of extra data during a run. This can be useful if a scan or server is failing, or to see
exactly how a server responds to each request.
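
An added example, not part of the original post or of Nikto itself: a log-side check for the request-line artefacts that -evasion methods 1, 2, 4, 6 and 8 from the list above leave behind. The function names, the 64-character threshold and the sample request lines are assumptions constructed for illustration; methods 3, 5, 7 and 9 are not covered.

```python
import re
from urllib.parse import unquote

LONG_SEGMENT = 64  # assumed threshold for a "long random string"; tune per site
UNRESERVED = re.compile(r"[A-Za-z0-9._~-]")  # RFC 3986 chars that never need %-encoding

def evasion_indicators(request_line):
    """Return the sorted -evasion method numbers whose artefacts show in one request line."""
    hits = set()
    if "\t" in request_line:                       # 6: TAB as request spacer
        hits.add(6)
    parts = re.split(r"[ \t]+", request_line.strip())
    if len(parts) < 2:
        return sorted(hits)
    path = parts[1].partition("?")[0]              # ignore the query string
    for m in re.finditer(r"%([0-9A-Fa-f]{2})", path):
        if UNRESERVED.fullmatch(chr(int(m.group(1), 16))):
            hits.add(1)                            # 1: encoding of chars that need none
            break
    decoded = unquote(path)
    if "/./" in decoded:                           # 2: directory self-reference
        hits.add(2)
    if "\\" in decoded:                            # 8: Windows directory separator
        hits.add(8)
    first_segment = decoded.lstrip("/").split("/", 1)[0]
    if len(first_segment) >= LONG_SEGMENT:         # 4: long string prepended to the path
        hits.add(4)
    return sorted(hits)

# Constructed sample request lines (not taken from a real log).
SAMPLE = [
    "GET /index.html HTTP/1.0",
    "GET /my%20file.html HTTP/1.0",
    "GET /cgi-bin/./test.cgi HTTP/1.0",
    "GET\t/index.html\tHTTP/1.0",
    "GET /%69ndex.html HTTP/1.0",
    "GET /scripts\\admin.pl HTTP/1.0",
    "GET /" + "A" * 80 + "/../index.html HTTP/1.0",
]

def scan(lines):
    """Map each suspicious request line to the method numbers it matches."""
    results = {line: evasion_indicators(line) for line in lines}
    return {line: hits for line, hits in results.items() if hits}

if __name__ == "__main__":
    for line, hits in scan(SAMPLE).items():
        print(hits, repr(line))
```

These are heuristics on a single request line, so a match is a reason to look at the client's other requests rather than a verdict.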