Nikto: A Powerful Open-Source Web Vulnerability Scanner
Introduction to Nikto
Nikto is an open-source web server and application scanner. Nikto can perform comprehensive testing on web servers to check for more than 6700 potentially dangerous files and programs, among other security threats. Nikto might also look for out-of-date web server software and version-specific problems.
Nikto was created and maintained by Sullo CIRT, Inc. Written in Perl, it was initially released in late 2001.
Although others have contributed to the project, David Lodge is currently in charge of maintaining it (you can check out his blog here).
What is Nikto and its usages?
Nikto, an open-source Perl application, is used to scan web servers for security holes that could be exploited and result in server compromise. It can also check for outdated version details of 1200 servers and identify problems with specific version details of over 200 servers. It may also fingerprint the server using the host’s favicon.ico files. It is not so much a stealth tool as it is designed to be efficient and fast so that the task may be finished quickly. Therefore, a web administrator can instantly identify that its server is being scrutinized by looking at the log files.
Furthermore, it has the ability to show specific items that are only informative and do not present a security danger; instead, they show how to completely employ it to enhance web server security.
How to Install Nikto
Because Nikto is built in Perl, it may be used on most OS systems as long as the necessary Perl interpreter is installed. If you are using Kali Linux, Nikto comes preinstalled and can be found in the “Vulnerability Analysis” category. In the event that Nikto isn’t installed on Kali (for whatever reason), you can run the command “apt install nikto” or get it from GitHub. Installing Nikto on Windows requires first installing the Perl interpreter. You can obtain it by clicking on this link: ActivePerl: https://www.activestate.com/
Homebrew is compatible with MacOS.
Detailed installation instructions for each platform may be found here.
How to Scan with Nikto
Let’s perform several scans now that you are aware of what Nikto is and how to install it.
(Warning:
To be clear, if you try to attack systems before we start scanning, I do not assume any liability for any damage you may cause. The law forbids doing this. You need to have formal permission before trying to scan a system or network.)
Since Nikto is a command-line tool, you can obtain a list of options by using the help command:
> nikto -Help
How to Scan a Domain
To perform a simple domain scan, use the -h (host) flag:
> nikto -h google.com
Nikto will do a basic port 80 scan for the designated domain and send you a thorough report based on the scans’ findings:
Nikto Domain Scan
How to Scan a Domain with SSL Enabled
For domains with HTTPS enabled, you have to specify the -ssl flag to scan port 443:
> nikto -h https://nmap.org -ssl
Nikto SSL Enabled Scan
How to Scan an IP Address
Sometimes all you want to do is look up the IP address of a web server.
Use the same -h flag that you used for domain scanning to accomplish it:
> nikto -h ip
Nikto IP Address Scan
Nikto vulnerability scanner:
Hello, prospective ethical hackers. A thorough tutorial on how to use the Nikto vulnerability scanner can be found here. Nikto is a free command-line web vulnerability scanner that scans web servers for vulnerabilities, including outdated server software, misconfigured servers, over 6700 potentially dangerous files and CGIs, and more. Nikto can also detect the installed software on the targeted web server. We will use Nikto on Kali Linux since it comes pre-installed on that system. Let’s start now.
Checking Database (-dbcheck)
It is always a good idea to check the scan database for errors before scanning. The “-dbcheck” option in Nikto checks the scan databases for errors.
The Host option (–host) (-h)
To utilize Nikto to scan the target, we must first specify it. To set the target, we have to choose the “host” option. You may see this below.
The Port option (–port)
By default, Nikto looks for the designated HTTP and HTTPS ports. However, if the target web server is running on a custom port, you can set Nikto to scan a different port using the “port” parameter.
The Host option (–ssl)
We can utilize the “SSL” option to use Nikto to scan a website that has HTTPS enabled.
What output you want Nikto to show? (–Display)
After the scan is finished, you can change the type and amount of output Nikto shows by selecting the “Display” option. The Display option can have any of the following values.
See all Nikto plugins (–list-plugins)
Many of Nikto’s plugins can be used to target different types of targets. We may use the “–list-plugins” option to see all of these plugins.
