Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and attempts to identify installed web servers and software. Scan items and plugins are frequently updated and can be updated automatically.
For downloads and more information, visit the Nikto homepage.
I've had to research this tool for an assignment for my I.T. studies... For an open-source tool, I found it to be very impressive - it made me aware of errors on my Debian VPS I wasn't even aware of. I was also surprised by the vast number of features it offered, and the types of tests that are available to run. I find it a great tool to test clients' websites and make sure the servers are secure.
Old school tool that continues to find poorly configured web servers. It won't find all your web app bugs but it does find interesting things to poke at.