{"id":18107155,"url":"https://github.com/byt3n33dl3/thc-Nikto","last_synced_at":"2025-03-29T13:31:50.807Z","repository":{"id":248275091,"uuid":"779358525","full_name":"byt3n33dl3/thc-Nikto","owner":"byt3n33dl3","description":"Nikto the Alienware : Advance web scanner, Identify by scanning for Misconfigurations and Information disclosures.","archived":false,"fork":false,"pushed_at":"2024-07-17T08:01:06.000Z","size":42499,"stargazers_count":18,"open_issues_count":0,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-03-19T17:49:19.142Z","etag":null,"topics":["networks","nikto","vurnerable","web","web-scanner"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/byt3n33dl3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-29T16:46:49.000Z","updated_at":"2024-11-18T06:09:44.000Z","dependencies_parsed_at":"2024-07-17T10:08:48.801Z","dependency_job_id":null,"html_url":"https://github.com/byt3n33dl3/thc-Nikto","commit_stats":null,"previous_names":["pxcs/valdenikto","byt3n33dl3/valdenikto","byt3n33dl3/thc-nikto"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byt3n33dl3%2Fthc-Nikto","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byt3n33dl3%2Fthc-Nikto/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byt3n33dl3%2Fthc-Nikto/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byt3n33dl3%2Fthc-Nikto/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/byt3n33dl3","download_url":"https://codeload.github.com/byt3n33dl3/thc-Nikto/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245841718,"owners_count":20681186,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["networks","nikto","vurnerable","web","web-scanner"],"created_at":"2024-10-31T23:09:33.796Z","updated_at":"2025-03-29T13:31:45.798Z","avatar_url":"https://github.com/byt3n33dl3.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# valdenikto\n\n```shell\n⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡀⠤⠤⠤⠄⠀⠒⠢⣄⠀⠀⠀⠀⠀\n⠀⠀⠀⠀⠀⠀⡠⠐⢈⠄⠀⠀⠀⠀⠀⠀⠀⠀⢸⠓⠄⠀⠀⠀\n⠀⠀⠀⠀⠐⠈⠠⠊⠀⠀⠀⠀⠀⠀⠀⠀⠀⡠⠊⠀⠈⢂⠀⠀\n⠀⠀⢀⠊⠀⡐⠁⠀⠀⠀⠀⠀⠀⠀⠀⢠⢊⠔⠈⠀⠀⠀⠆⠀\n⠀⣠⡃⠀⢰⠀⠀⠀⠀⢀⡠⠄⠐⠒⠀⢸⢜⠄⠀⠀⠀⠀⠀⠀\n⡐⣁⡑⠀⠘⠀⠀⢀⠔⢁⣀⣤⣤⣤⣒⣤⠀⠈⠀⠀⠀⠀⡄⠀\n⢫⣿⢧⠀⢸⠀⠀⣡⣶⣯⠭⢄⣀⣼⡏⠁⢀⡤⠀⠀⠀⢐⠁⠀\n⢠⢿⣾⣧⠈⠀⢠⣿⣿⣗⢢⣤⣿⡿⢋⠀⡏⠀⠀⠀⠀⡌⠀⠀\n⠘⠳⠙⠻⠀⠀⠰⠿⠟⠛⠻⢍⠫⠒⠁⡰⠀⠀⠀⢀⠜⠀⠀⠀\n⠘⢄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⠠⢊⠀⡇⢠⠒⠁⠀⠀⠀⠀\n⠀⠀⠈⢦⠂⠀⠀⠀⠀⢠⠊⠁⠀⢀⠄⠀⡇⢸⠀⠀⠀⠀⠀⠀\n⠀⠀⠀⠘⢄⡄⢤⢄⠀⠘⡄⠀⠀⡀⠄⢊⡅⡆⢆⠀⠀⠀⠀⠀\n⠀⠀⠀⠀⠀⢊⠀⠀⠀⠈⢁⠴⠅⣀⣀⠘⢣⠠⠈⠢⢀⠀⠀⠀\n⠀⠀⠀⠀⠀⠈⠢⢄⣀⡠⠊⠀⠀⠈⢣⠀⠈⠃⠡⠀⠀⠉⠐⠄\n⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠰⠇⠀⠀⠐⡑⠤⢀⠀⠀\n\nV A L D E N I K T O - by pxcs \u0026\u0026 sullo\n\n```\n\n**Buffed** alien - Web scanner\n\nRun **normally:**\n\n```\ngit clone https://github.com/pxcs/valdenikto\ncd valdenikto/program\n# Run using the shebang interpreter\n./valdenikto.pl -h http://www.example.com\n# Run using perl (if you forget to chmod)\nperl valdenikto.pl -h http://www.example.com\n```\n\n\n**Usage** : \nvaldenikto -h / -hh\n\nBasic usage:\n\n```perl\nOptions:\n-ask+ Whether to ask about submitting updates\n yes Ask about each (default)\n no Don't ask, don't send\n auto Don't ask, just send\n-Cgidirs+ Scan these CGI dirs: \"none\", \"all\", or values like \"/cgi/ /cgi-a/\"\n-config+ Use this config file\n-Display+ Turn on/off display outputs:\n 1 Show redirects\n 2 Show cookies received\n 3 Show all 200/OK responses\n 4 Show URLs which require authentication\n D Debug output\n E Display all HTTP errors\n P Print progress to STDOUT\n S Scrub output of IPs and hostnames\n V Verbose output\n-dbcheck Check database and other key files for syntax errors\n-followredirects Follow 3xx redirects to new location\n-evasion+ Encoding technique:\n 1 Random URI encoding (non-UTF8)\n 2 Directory self-reference (/./)\n 3 Premature URL ending\n 4 Prepend long random string\n 5 Fake parameter\n 6 TAB as request spacer\n 7 Change the case of the URL\n 8 Use Windows directory separator (\\)\n A Use a carriage return (0x0d) as a request spacer\n B Use binary value 0x0b as a request spacer\n-Format+ Save file (-o) format:\n csv Comma-separated-value\n htm HTML Format\n msf+ Log to Metasploit\n nbe Nessus NBE format\n txt Plain text\n xml XML Format\n (if not specified the format will be taken from the file extension passed to -output)\n-Help Extended help information\n-host+ Target host\n-IgnoreCode Ignore Codes--treat as negative responses\n-id+ Host authentication to use, format is id:pass or id:pass:realm\n-key+ Client certificate key file\n-list-plugins List all available plugins, perform no testing\n-maxtime+ Maximum testing time per host\n-mutate+ Guess additional file names:\n 1 Test all files with all root directories\n 2 Guess for password file names\n 3 Enumerate user names via Apache (/~user type requests)\n 4 Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)\n 5 Attempt to brute force sub-domain names, assume that the host name is the parent domain\n 6 Attempt to guess directory names from the supplied dictionary file\n-mutate-options Provide information for mutates\n-nointeractive Disables interactive features\n-nolookup Disables DNS lookups\n-noslash Strip trailing slash from URL (e.g., '/admin/' to '/admin')\n-nossl Disables the use of SSL\n-no404 Disables valdenikto attempting to guess a 404 page\n-output+ Write output to this file ('.' for auto-name)\n-Pause+ Pause between tests (seconds, integer or float)\n-Plugins+ List of plugins to run (default: ALL)\n-port+ Port to use (default 80)\n-RSAcert+ Client certificate file\n-root+ Prepend root value to all requests, format is /directory\n-Save Save positive responses to this directory ('.' for auto-name)\n-ssl Force ssl mode on port\n-Tuning+ Scan tuning:\n 1 Interesting File / Seen in logs\n 2 Misconfiguration / Default File\n 3 Information Disclosure\n 4 Injection (XSS/Script/HTML)\n 5 Remote File Retrieval - Inside Web Root\n 6 Denial of Service\n 7 Remote File Retrieval - Server Wide\n 8 Command Execution / Remote Shell\n 9 SQL Injection\n 0 File Upload\n a Authentication Bypass\n b Software Identification\n c Remote Source Inclusion\n x Reverse Tuning Options (i.e., include all except specified)\n-timeout+ Timeout for requests (default 10 seconds)\n-Userdbs Load only user databases, not the standard databases\n all Disable standard dbs and load only user dbs\n tests Disable only db_tests and load udb_tests\n-until Run until the specified time or duration\n-update Update databases and plugins from CIRT.net\n-useproxy Use the proxy defined in valdenikto.conf\n-usecookies Use cookies from responses in future requests\n-Version Print plugin and database versions\n-vhost+ Virtual host (for Host header)\n + requires a value\n```\n\n# Thanks to:\n\n- \u003eChris sullo ( for making nikto )\n- GangstaCrew ( organization )\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbyt3n33dl3%2Fthc-Nikto","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbyt3n33dl3%2Fthc-Nikto","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbyt3n33dl3%2Fthc-Nikto/lists"}