Meet MacNikto

MacNikto iconMacNikto is an AppleScript GUI shell script wrapper built in Apple's Xcode and Interface Builder, released under the terms of the GPL. It provides easy access to a subset of the features available in the Open Source, command-line driven Nikto web security scanner, installed along with the MacNikto application.

Scan Tab View

Advanced Tab View

Help Main Page

From the Nikto web site:

Nikto performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, versions on over 1250 servers, and version specific problems on over 270 servers.

The goal of MacNikto is to make Nikto's basic web server scanning and reporting more accessible by providing an easy to use interface. Tool tips are provided for many of the interface elements to help you recall their function or dependencies.

About the screens:

The Scan Tab View is the default view and where scanning is initiated. Without leaving this view, you can scan your web server and study the resulting report.

The Advanced Tab View allows you to set MacNikto's optional features. You can select a non-standard port or port range. You can choose to set and export a report format, and have it open automatically. You can also check to see if the Nikto database has been updated.

MacNikto's Help covers functionality, troubleshooting and customization, along with the GPL licensing and acknowledgments.

MacOS X Universal Binary badge

Application reqs/info:

MacNikto is a Universal Binary and works with OS X.5 - .10 on PPC and MacIntel systems.

The installer package consists of a meta-installer bundling the MacNikto application and help files along with Nikto 2.1.5, which can be used directly from the Terminal as well as from within MacNikto 1.2's GUI.

MacNikto is installed in /Applications and Nikto is installed, after authentication, at /usr/local/nikto.

Thanks for checking out MacNikto -- I hope you find it useful! You can post comments here or email me directly via lewis at lewisfrancis dot com.

Please act responsibly and use only on servers of your own or those for which you have permission!

Posted by Lewis Francis at 2:58 PM | Permalink | Comments (36)