Certified Ethical Hacker

Nikto

Nikto Website Vulnerability Assessment Tool


Last updated 1 year ago

Installation

git clone https://github.com/sullo/nikto

# Main script is in program/
cd nikto/program

# Check out the 2.5.0 branch
git checkout nikto-2.5.0

# Run using the shebang interpreter
./nikto.pl -h http://www.example.com

# Run using perl (if you forget to chmod)
perl nikto.pl -h http://www.example.com

# OR WITH APT
sudo apt-get install nikto -y

Docker

git clone https://github.com/sullo/nikto.git
cd nikto
docker build -t sullo/nikto .

# Call it without arguments to display the full help
docker run --rm sullo/nikto

# Basic usage
docker run --rm sullo/nikto -h http://www.example.com

# To save the report in a specific format, mount /tmp as a volume
# (the quotes keep a working directory with spaces in its path intact):
docker run --rm -v "$(pwd)":/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json

Basic Scan

# Scan Host Name/IP Address
nikto -h google.com

# Scan Ports (comma-separated list, or a range such as 80-90)
nikto -h www.example.com -port 80,88,443
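
A scope and port-list check to run in front of the scan commands above, as an added example (not part of the original page or of Nikto itself). The scope.txt file, the SCOPE_FILE and NIKTO variables and the function names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: gate a nikto run on an authorized-scope list and a valid
# -port value. SCOPE_FILE, NIKTO and the function names are hypothetical.
SCOPE_FILE="${SCOPE_FILE:-./scope.txt}"   # one approved hostname or IP per line

# in_scope HOST: succeed only if HOST is a whole line of SCOPE_FILE.
in_scope() {
    [ -n "$1" ] && [ -r "$SCOPE_FILE" ] && grep -Fxq -- "$1" "$SCOPE_FILE"
}

# valid_ports LIST: succeed if LIST is a comma-separated list of ports or
# low-high ranges (80  80,88,443  8000-8010), every port within 1-65535.
# The body is a subshell so the IFS change does not leak to the caller.
valid_ports() (
    case "$1" in
        ''|*[!0-9,-]*|,*|*,|*,,*) exit 1 ;;
    esac
    IFS=,
    for item in $1; do
        case "$item" in -*|*-|*-*-*) exit 1 ;; esac
        lo=${item%-*}
        hi=${item#*-}
        for n in "$lo" "$hi"; do
            [ "${#n}" -le 5 ] && [ "$n" -ge 1 ] && [ "$n" -le 65535 ] || exit 1
        done
        [ "$lo" -le "$hi" ] || exit 1
    done
)

# scan HOST PORTS REPORT: run nikto only when both checks pass.
# Set NIKTO=echo to print the arguments instead of scanning (dry run).
scan() {
    in_scope "$1" || { echo "refused: '$1' is not listed in $SCOPE_FILE" >&2; return 2; }
    valid_ports "$2" || { echo "refused: invalid -port value '$2'" >&2; return 3; }
    "${NIKTO:-nikto}" -h "$1" -port "$2" -o "$3"
}

# Usage, after sourcing this file:
#   scan www.example.com 80,88,443 out.json
```

The report format follows the extension given to -o, as in the Docker example.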

Full Cheatsheet

https://github.com/sullo/nikto