Nikto Tool Basics

Isira Gajasinghe
Nov 25, 2021


What is Nikto?

The Nikto tool is an open-source web server scanner. The Nikto vulnerability scanner is a fast-paced project that is constantly updated with the most recent known vulnerabilities. Nikto is written in Perl.

I’ve listed four characteristics below.

  • Username Guessing
  • Free to use
  • Find Sub-domains
  • Able to perform a dictionary attack

Installation

The Nikto tool may be installed in three ways. I favor the third choice since it is the most straightforward.

  1. We can clone the Nikto git repository from GitHub

The steps are given below:

Step 1: root@kali:~# git clone https://github.com/sullo/nikto.git
Step 2: root@kali:~# cd nikto/program
Step 3: root@kali:~/nikto/program# perl nikto.pl

2. We can download it directly from the official website


3. We can open the Linux terminal and enter the command below

sudo apt install nikto

The Nikto tool may be used in a variety of ways. Below are two examples.

  1. How to scan an SSL-enabled website?

nikto -h <website url> -ssl

2. How to scan an HTTP website?

nikto -h <website url>

Written by Isira Gajasinghe - Cyber Security undergraduate
