📌 What is Nikto?
Nikto is an open-source web server scanner written in Perl. It performs comprehensive tests against web servers, detecting over 6,700 potentially dangerous files/programs, outdated server software, and other security issues such as default files, insecure HTTP headers, and misconfigured options.
🛠️ Key Features
- Scans for over 6700 known vulnerabilities
- Identifies outdated software versions
- Checks for insecure HTTP methods
- Custom plugin support and SSL scanning
- Supports proxy, IDS evasion, and tuning options
📥 Installation
Install Nikto using Git:
git clone https://github.com/sullo/nikto.git
cd nikto/program
perl nikto.pl -H
Nikto does not require complex dependencies; just ensure Perl is installed on your system.
🚀 Basic Usage
Scan a single host:
perl nikto.pl -h http://example.com
Scan using HTTPS:
perl nikto.pl -h https://secure.example.com
Scan an IP address with a specified port:
perl nikto.pl -h 192.168.1.10 -p 8080
⚙️ Advanced Usage & Options
- -output → Save the scan results to a file
- -Tuning → Choose specific types of tests (files, headers, injection, etc.)
- -Display → Control verbosity of results
- -Plugins → Load specific plugins for targeted scans
- -ssl → Force SSL for non-standard ports
- -useproxy → Send traffic through a proxy
Example: Only scan for interesting files and headers:
perl nikto.pl -h http://example.com -Tuning 14
🌐 Real-World Example
Scanning a vulnerable web app like DVWA (Damn Vulnerable Web Application):
perl nikto.pl -h http://192.168.56.101/dvwa
Expected results:
- Detection of PHP files with parameter-based injection points
- Insecure HTTP headers (e.g., X-Frame-Options missing)
- Exposed directories like /config/ or /admin/
- Known vulnerabilities in Apache or PHP version
💡 Practical Tips
- Use -output to store logs for later analysis
- Run with different -Tuning values for more granular results
- Pair Nikto with tools like Burp Suite or Nmap for deeper testing
- Avoid scanning production servers without permission – Nikto is noisy!
- Integrate into CI pipelines for automated scanning of test environments
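The -output and CI tips above can be combined into a pipeline gate that fails only when a scan of a test environment reports something not already accepted. The script below is an added example, not part of Nikto or the original article; it assumes a text report whose findings are the lines starting with "+ ", and the function names, baseline file and sample report are constructed for illustration.

```shell
#!/bin/sh
# CI gate for a Nikto text report saved with -output (added example).
# Assumption: findings are the lines starting with "+ "; target, banner
# and summary lines share that prefix and are filtered out below.

# Print the unique finding lines of report $1, without the "+ " prefix.
nikto_findings() {
    grep '^+ ' "$1" |
        grep -Ev '^\+ (Target (IP|Hostname|Port)|Start Time|End Time|Server):' |
        grep -Ev '^\+ [0-9]+ (requests:|host\(s\) tested)' |
        sed 's/^+ //' | sort -u
}

# Print findings of report $1 that are not in baseline $2
# (one accepted finding per line, exact match).
nikto_new_findings() {
    nikto_findings "$1" | grep -Fvx -f "$2" || true
}

# Return 0 when the report holds nothing beyond the baseline, 1 otherwise.
nikto_gate() {
    new=$(nikto_new_findings "$1" "$2")
    [ -z "$new" ] && return 0
    printf 'New Nikto findings not in baseline:\n%s\n' "$new" >&2
    return 1
}

# Constructed sample report (not real scan output) for trying the gate.
sample_report() {
    cat <<'EOF'
- Nikto v2.x (constructed sample)
+ Target IP:          192.168.56.101
+ Target Hostname:    192.168.56.101
+ Target Port:        80
+ Start Time:         2024-01-01 10:00:00 (GMT0)
+ Server: Apache
+ The anti-clickjacking X-Frame-Options header is not present.
+ /config/: Directory indexing found.
+ /admin/: This might be interesting.
+ 100 requests: 0 error(s) and 3 item(s) reported on remote host
+ End Time:           2024-01-01 10:01:00 (GMT0) (60 seconds)
+ 1 host(s) tested
EOF
}

# Usage in a pipeline step: sh nikto_gate.sh report.txt baseline.txt
if [ "$#" -eq 2 ]; then nikto_gate "$1" "$2"; fi
```

A baseline can be seeded from a reviewed report with nikto_findings and kept in version control, so each accepted finding is an explicit, reviewable line.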