MacNikto

The MacNikto 1.01 update bundles the latest version of Nikto. [Nikto 1.36 | Nikto Changes]

Additionally, some minor GUI interface and Help tweaks/updates; the Auto-save checkbox now self-selects when a report save location is set to save you a step.

Posted by: lewis Francis at February 17, 2007 8:11 PM

Help Net Security recently published an article called MacNikto: Working with the Nikto Web Server Security Scanner on the Mac.

Posted by: lewis Francis at September 6, 2007 1:38 PM

Other than pushing the Report Format pop-up a couple pixels, looks like the current version of MacNikto works as expected on Leopard.

FYI: all users should update the Nikto database using the Update DB button under the Advanced tab. This brings the database up to v 1.39 and adds some new tests.

Posted by: Lewis Francis at October 27, 2007 10:33 PM

Just a quick note that MacNikto 1.1 will be posted offering Nikto 2 support, along with a few interface tweaks, once Nikto 2.03 is released.

I worked on Nikto 2.x support in April but ran into a bug that will be fixed in 2.03; also found that Nikto 2.03 will require a complete reinstall due to changes in the core application, so it seems to make sense to hold off.

In the mean time, if you really want MacNikto to run Nikto 2.x tests, and are comfortable with command-line operations, you can try following instructions posted by Jordan to update the Nikto installation provided by MacNikto 1.0x installers. Note that auto/full scans and port ranges will not work, and database updates likely will not function once Nikto 2.03 is released.

Posted by: Lewis Francis at June 29, 2008 9:42 PM

Congrats, an gui interface for a great Un*x Tool, and only for mac users. Tally Ho!

Posted by: Mr. Howard R. Hughes, JR. at July 25, 2008 7:13 AM

Am I'm still the only user to post a comment on this wonderful tool? Keep up the good work Lewis!

Posted by: Mr. Howard R. Hughes, JR. at September 8, 2008 7:53 AM

MacNikto 1.1 with Nikto 2.03 support is now available for download.

Changes:

• Updated to support Nikto 2.03 release
• Added support for Nikto 2's new XML export feature
• Now preserves settings between launches
• Now prompts for a Nikto database update on first run
• Added checkbox for SSL-only testing
• Added checkbox for Find-only testing
• Added custom MacNikto config so that Terminal users can use their own config file w/o conflict
• Streamlined report workflow by auto-selecting save/launch options when save location has been set
• Added Nikto component versions sheet view
• For privacy considerations, no longer automatically submits new server types by default
• Removed auto/full controls as these are now redundant in Nikto 2.x
• Fixed error when printing while on tabs other than the Scan tab
• Minor interface tweaks, better error trapping, help and copyright updates

Let me know if you find anything odd or unexpected. Thanks!

Posted by: Lewis Francis at September 19, 2008 11:43 PM

Why do I need to write my password to install it?

Posted by: rod at January 8, 2009 9:57 AM

It's required in order to install the Nikto files at /usr/local/.

Posted by: lewis Francis at January 8, 2009 10:55 AM

Likely the same reason that one needs to enter an admin password to update the database. I would have to question the reason why though. Can't the update files just be placed in the user's home directory insteed of a system folder? Correct me if I'm wrong, but doesn't the command line version for other BSD based systems not require admin privileges just to update. As always keep up the good work Lewis!

Posted by: Mr. Howard R. Hughes, JR. at January 10, 2009 7:32 AM

True, the configuration file can be set to point to a plugins folder in a user's home directory, but then you'd always have to be logged in as that user in order to run the app.

IIRC, the old version of Nikto/MacNikto on Tiger didn't require authentication to update files; when I started working on MacNikto 1.1/Nikto 2.x on Leopard, I found I did. Not sure why; I was more interested in seeing how I could accommodate authentication in Applescript/Xcode than I was in finding out what caused the change in behavior. ;)

Posted by: Lewis Francis at January 11, 2009 5:06 PM

Just a note to say MacNikto appears to work fine under Snow Leopard.

Posted by: Lewis Francis at October 13, 2009 8:57 AM

sir,please update with nikto 2.1 :)

Posted by: bojinov at January 19, 2010 10:03 AM

I've actually created a Nikto 2.1.0 installer that will allow an already installed MacNikto to use the new Nikto scripts and databases -- the only difference is a new MacNikto config file -- however, I've not officially released it because 2.1.1 is due out imminently. If you can't wait, contact me directly and I'll give you the url to the 2.1.0 installer or modified config file if you prefer to install Nikto yourself.

Posted by: Lewis Francis at January 19, 2010 11:31 AM

ANy updates coming for this? Still a great, great tool

Posted by: at January 27, 2010 7:37 PM

Still waiting for Nikto 2.1.1 to drop. As for MacNikto updates, anything I should add?

Posted by: Lewis francis at January 29, 2010 12:06 PM

FYI, it looks like Nikto 2.1.1 was released yesterday.

Posted by: Peter at February 3, 2010 1:45 AM

This is a very nice program! One minor issue: if the scan text file is in a directory with a space in it, the program doesn't run. Looks like the spaces just need to be escaped when the parameters are passed to perl.

Posted by: Micah at February 8, 2010 3:48 PM

Name:


Email Address:


URL:

Remember personal info?
YesNo
Comments:

Voigt-Kampf verification (needed to reduce spam):