| Author: | Chris Sullo |
| License: | GPL |
| Software: | Nikto |
| Written in: | Perl |
| Date created: | December 17, 2012 |
| Updated: | Yes |
| GitHub: | Nikto |
Last updated: 21 november 2018
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is built on LibWhisker2 (by RFP) and can run on any platform which has a Perl environment. It supports SSL, proxies, host authentication, attack encoding and more. It can be updated automatically from the command-line, and supports the optional submission of updated version data back to the maintainers.
The name "Nikto" is taken from the movie "The Day the Earth Stood Still", and of course subsequent abuse by Bruce Campbell in "Army of Darkness".
Scan the target 192.168.1.1 on port 80. Port 80 is the default port if none is given.
# Syntax
nikto -h [target IP] -p [port](,[port],[port],...)
# Syntax alternative
nikto -h https://[target IP]:[port]/
# Example
nikto -h 192.168.1.1
Scan the target 192.168.1.1 on port 443. Multiple ports can be used, seperated by a comma or specified by a range.
# Example
nikto -h 192.168.1.1 -p 443
# Multiple ports - Comma serperated
nikto -h 192.168.1.1 -p 80,8080,443
# Multiple ports - Specified range
nikto -h 192.168.1.1 -p 80-90
Scan the target 192.168.1.1 on port 443. Nikto will check HTTP port 80 first by default, and if that fails, HTTPS port 443. If you're sure it's an SSL server, you can use the -s (-ssl) parameter. This will speed up the process.
# Example
nikto -h 192.168.1.1 -p 443 -ssl
Scan through a proxy server.
# Syntax
nikto -h [target IP] -p [port] -useproxy [proxy IP]
# Example
nikto -h 192.168.0.1 -p 443 -useproxy 127.0.0.1:8080
Update Nikto
nikto -update
-h : Specifies the target host
-p : Specifies the port(s). Multiple ports can be added, seperated by a comma (,) or specified as a range
-s : (-ssl) Speeds up the scan if you're sure the target uses SSL. This option only tests SSL on the ports specified.
-useproxy : Specifies the use of a given HTTP proxy via which to conduct scans. Nikto does not currently support SOCKS proxies.
** For more information, check out the extra links and sources. **