Nikto

Nikto is a web server scanner that checks for dangerous files, outdated software, and misconfigurations.

Installation

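# Kali Linux (usually preinstalled; install the package if it is missing)
sudo apt install nikto

# Git clone (the scanner is nikto.pl in the program directory; run it with perl)
git clone https://github.com/sullo/nikto.git
cd nikto/program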

Basic Usage

# Scan a host
nikto -h https://target.com

# Specify port and SSL
nikto -h target.com -p 443 -ssl

# Output to file
nikto -h https://target.com -o nikto.txt

Scenarios

# Quick scan with reduced noise: only software identification (b), web services (d) and admin consoles (e)
nikto -h https://target.com -Tuning bde

# Scan a list of targets (one host per line); -Format only applies to the file given with -o
nikto -h targets.txt -o nikto.txt -Format txt

# Authenticate to a site protected by HTTP authentication (format is id:password)
nikto -h https://target.com -id user:password

# Bypass DNS resolution issues by skipping name lookups
nikto -h https://target.com -nolookup

Tuning

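# Tuning options (digits 0-9 and letters a-e select test classes; x inverts the selection)
# 123b = interesting files, misconfiguration, information disclosure, software identification
nikto -h https://target.com -Tuning 123b

# Disable DNS lookups
nikto -h https://target.com -nolookup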