nikto
nikto is a widely used open-source web server scanner that performs comprehensive scans to detect vulnerabilities and misconfigurations. It identifies issues such as outdated server software, dangerous files, and potential security weaknesses across various web servers. Nikto is essential in penetration testing and web security assessments, helping uncover critical issues in web applications and servers.
Common Nikto Options
- -host (Target Host): Specifies the target URL or IP address of the web server to scan.
  - Example: -host http://example.com
- -Tuning (Tuning Options): Controls the type of tests to perform. This option allows selective scanning, making it useful for focusing on specific vulnerabilities.
  - Example: -Tuning 1
- -port (Port Number): Defines the specific port number to scan on the target server. The default is port 80, but it can be changed to accommodate different services or configurations.
  - Example: -port 8080
- -ssl (SSL Support): Forces Nikto to use SSL/TLS for the scan, useful when scanning HTTPS sites.
  - Example: -ssl
- -timeout (Request Timeout): Sets the maximum time to wait for a server response. This helps manage network conditions or slow responses.
  - Example: -timeout 10
- -o (Output File): Saves the scan results to a specified output file in formats like XML, HTML, or CSV.
  - Example: -o nikto_results.html
Additional Nikto Options
- -UserAgent (Custom User-Agent): Sets a custom User-Agent header to mimic different clients, useful for avoiding detection by web application firewalls (WAFs).
  - Example: -UserAgent "Mozilla/5.0"
- -nointeractive (Non-Interactive Mode): Disables interactive prompts, allowing Nikto to run in the background or as part of automated scripts.
  - Example: -nointeractive
- -Save (Save State): Saves the scan state, enabling resumption of interrupted scans.
  - Example: -Save nikto_save.txt
- -dbcheck (Database Check): Performs a check on the Nikto database to ensure it is up to date and free of errors.
  - Example: -dbcheck
- -update (Update Nikto): Updates the Nikto database to the latest version. Ensuring the database is current improves detection capabilities.
  - Example: -update
Examples of Nikto Commands
- Basic Web Server Scan: Scan a web server at http://example.com using default settings.
> nikto -host http://example.com
- Scan HTTPS Site on a Non-Standard Port: Scan an HTTPS server at https://example.com:8443.
> nikto -host https://example.com -port 8443 -ssl
- Customized Test Tuning: Scan a target web server focusing on file upload vulnerabilities.
> nikto -host http://example.com -Tuning 0
- Save Results to a File: Run a scan and save the output in HTML format.
> nikto -host http://example.com -o nikto_results.html
- User-Agent Spoofing: Use a custom User-Agent header during the scan.
> nikto -host http://example.com -UserAgent "Mozilla/5.0"
- Check and Update Database: Ensure the Nikto database is up-to-date before running scans.
> nikto -dbcheck
> nikto -update
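Because the -UserAgent option lets a scan present any client string, a defender reviewing access logs cannot rely on the User-Agent alone. The following is an added example, not part of Nikto or the original page: it flags clients either by a User-Agent containing "Nikto" (an assumption that holds for the 2.1.x default string) or by a burst of 404 responses across many distinct paths. The log lines, IP addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined log format: client IP, request line, status, referer, User-Agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
NIKTO_UA = re.compile(r"nikto", re.IGNORECASE)  # assumed marker in the default UA

def detect_scanners(lines, min_requests=5, min_404_ratio=0.8):
    """Return {ip: reason}. Thresholds are illustrative and need per-site tuning."""
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "paths": set(), "ua_hit": False})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the run
        s = stats[m["ip"]]
        s["total"] += 1
        s["paths"].add(m["path"])
        s["not_found"] += m["status"] == "404"
        s["ua_hit"] |= bool(NIKTO_UA.search(m["ua"]))
    findings = {}
    for ip, s in stats.items():
        if s["ua_hit"]:
            findings[ip] = "user-agent"
        elif (s["total"] >= min_requests
              and len(s["paths"]) >= min_requests
              and s["not_found"] / s["total"] >= min_404_ratio):
            # Catches scans whose User-Agent was replaced with a browser string.
            findings[ip] = "404-burst"
    return findings

def _line(ip, path, status, ua):
    return f'{ip} - - [10/Oct/2024:13:55:01 +0000] "GET {path} HTTP/1.1" {status} 512 "-" "{ua}"'

# Constructed sample traffic using documentation IP ranges; not real logs.
PROBES = ["/admin/", "/backup.zip", "/phpinfo.php", "/.git/config", "/test.cgi", "/"]
SAMPLE = (
    [_line("198.51.100.7", "/cgi-bin/test.cgi", 404,
           "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)")]
    + [_line("203.0.113.9", p, 200 if p == "/" else 404, "Mozilla/5.0") for p in PROBES]
    + [_line("192.0.2.44", p, 200, "Mozilla/5.0") for p in ["/", "/about", "/contact", "/blog", "/pricing"]]
)

if __name__ == "__main__":
    for ip, reason in detect_scanners(SAMPLE).items():
        print(ip, reason)
```

The second client sends the same "Mozilla/5.0" string as the ordinary visitor and is separated from it only by its response pattern.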
Summary
nikto is a versatile tool that provides extensive scanning capabilities for web servers. With its variety of options, you can customize scans to fit specific needs, whether targeting vulnerabilities in web applications, configuring advanced reporting, or checking SSL/TLS configurations. Nikto helps identify security gaps that might otherwise go unnoticed, making it a vital component of any web security toolkit.