Nikto

Nikto Website Vulnerability Assessment Tool

Installation

git clone https://github.com/sullo/nikto

# Main script is in program/
cd nikto/program

# Check out the 2.5.0 branch
git checkout nikto-2.5.0

# Run using the shebang interpreter
./nikto.pl -h http://www.example.com

# Run using perl (if you forget to chmod)
perl nikto.pl -h http://www.example.com

# Or install with apt
sudo apt-get install nikto -y

Docker

git clone https://github.com/sullo/nikto.git
cd nikto
docker build -t sullo/nikto .

# Call it without arguments to display the full help
docker run --rm sullo/nikto

# Basic usage
docker run --rm sullo/nikto -h http://www.example.com

# To save the report in a specific format, mount /tmp as a volume:
docker run --rm -v "$(pwd)":/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json

Basic Scan

# Scan Host Name/IP Address
nikto -h google.com

# Scan specific ports (comma-separated list)
nikto -h <host> -port <port1>,<port2>,<port3>
