summaryrefslogtreecommitdiffstats
path: root/testing/nikto/nikto.conf.base
diff options
context:
space:
mode:
Diffstat (limited to 'testing/nikto/nikto.conf.base')
-rw-r--r--testing/nikto/nikto.conf.base82
1 files changed, 82 insertions, 0 deletions
diff --git a/testing/nikto/nikto.conf.base b/testing/nikto/nikto.conf.base
new file mode 100644
index 000000000..3f17dfef2
--- /dev/null
+++ b/testing/nikto/nikto.conf.base
@@ -0,0 +1,82 @@
+#########################################################################################################
+# CONFIG STUFF
+# $Id: config.txt 94 2009-01-21 22:47:25Z deity $
+#########################################################################################################
+
+# default command line options, can't be an option that requires a value. used for ALL runs.
+# CLIOPTS=-g -a
+
+# ports never to scan
+SKIPPORTS=21 111
+
+# User-Agent variables:
+ # @VERSION - Nikto version
+ # @TESTID - Test identifier
+ # @EVASIONS - List of active evasions
+USERAGENT=Mozilla/5.00 (Nikto/@VERSION) (Evasions:@EVASIONS) (Test:@TESTID)
+
+# RFI URL. This remote file should return a phpinfo call, for example: <?php phpinfo(); ?>
+# You may use the one below, if you like.
+RFIURL=http://cirt.net/rfiinc.txt?
+
+# IDs never to alert on (Note: this only works for IDs loaded from db_tests)
+#SKIPIDS=
+
+# The DTD
+NIKTODTD=docs/nikto.dtd
+
+# the default HTTP version to try... can/will be changed as necessary
+DEFAULTHTTPVER=1.0
+
+# Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should
+# send updates because it makes the data better for everyone ;) *NO* server specific information
+# such as IP or name is sent, just the relevant version information.
+# UPDATES=yes - ask before each submission if it should send
+# UPDATES=no - don't ask, don't send
+# UPDATES=auto - automatically attempt submission *without prompting*
+UPDATES=yes
+
+# Warning if MAX_WARN OK or MOVED responses are retrieved
+MAX_WARN=20
+
+# Prompt... if set to 'no' you'll never be asked for anything. Good for automation.
+#PROMPTS=no
+
+# cirt.net : set the IP so that updates can work without name resolution -- just in case
+CIRT=174.142.17.165
+
+# Proxy settings -- still must be enabled by -useproxy
+#PROXYHOST=127.0.0.1
+#PROXYPORT=8080
+#PROXYUSER=proxyuserid
+#PROXYPASS=proxypassword
+
+# Cookies: send cookies with all requests
+# Multiple can be set by separating with a semi-colon, e.g.:
+# "cookie1"="cookie value";"cookie2"="cookie val"
+#STATIC-COOKIE=
+
+# The below allows you to vary which HTTP methods are used to check whether an HTTP(s) server
+# is running. Some web servers, such as the autopsy web server do not implement the HEAD method
+CHECKMETHODS=HEAD GET
+
+# If you want to specify the location of any of the files, specify them here
+EXECDIR=/etc/nikto # Location of Nikto
+PLUGINDIR=/etc/nikto/plugins # Location of plugin dir
+DBDIR=/etc/nikto/databases # Location of plugin dir
+TEMPLATEDIR=/etc/nikto/templates # Location of tempmlate dir
+DOCDIR=/etc/nikto/docs # Location of docs dir
+
+# Default plugin macros
+@@MUTATE=dictionary;subdomain
+@@DEFAULT=@@ALL;-@@MUTATE;tests(report:500)
+
+#Choose SSL libs
+# Options:
+# SSLeay - use Net::SSLeay
+# SSL - use Net::SSL
+# auto - automatically choose whats available
+# (SSLeay wins if both are available)
+LW_SSL_ENGINE=auto
+
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-04 20:16:50 +0000