Nikto
Classic web server scanner that checks for outdated versions, dangerous files, misconfigurations, and common vulnerabilities
Web Vulnerabilities12 commands
#scanner#vulnerability#web#perl
Installation
1Install via package manager
2Verify Perl dependency
3Update the database
# macOS
brew install nikto
# Debian/Ubuntu
apt install nikto
# RHEL/CentOS
yum install nikto
# Update database
nikto -updateBasic Usage
Scan a target web server for vulnerabilities, outdated software, and misconfigurations
# Basic scan
nikto -h http://target.com
# Scan on specific port
nikto -h target.com -p 8443
# Scan with SSL
nikto -h https://target.com -ssl
# Output results to file
nikto -h target.com -o report.html -Format htm
# Custom tuning
nikto -h target.com -Tuning 123Command Reference
12 commands
1Target host (IP or hostname with protocol)
-h2Target port(s) to scan
-p3Force SSL/TLS mode
-ssl4Output format (htm, csv, json, txt, xml)
-Format5Write output to specified file
-o6Tuning control (bitmask to enable specific checks)
-Tuning7Evasion technique (use IDs from table)
-evasion8Display only vulnerability details
-DispVuln9Mutate input for deeper checking
-mutate10Plugins to run (comma-separated list)
-Plugins11Scan CGI directories
-Cgidirs12Host authentication (user:pass)
-idWhen to Use
1
Initial web server reconnaissance and version detection2
Identifying outdated software with known vulnerabilities3
Discovering dangerous files and misconfigurations4
Compliance auditing of web server security posture5
Quick baseline scan before deeper manual testingNotes & Tips
1
Nikto is not stealthy — it generates significant traffic and is easily detected2
Always have permission before scanning targets you do not own3
Use -Tuning to disable noisy checks like XSS or file uploads when targeting production systems4
Results should be verified manually as Nikto can produce false positivesCommon Errors & Solutions
Can't locate Net/SSLeay.pm
Install Perl SSL module: cpan -i Net::SSLeay or apt install libnet-ssleay-perl
No such host or invalid hostname
Include http:// or https:// prefix with -h, or verify DNS resolution
Timeout when connecting
Increase timeout with -timeout or check firewall/network connectivity