Web Application Analysis
Tags: web, scanner, vulnerabilities, cgi, ssl, proxy

Nikto

Nikto is a pluggable web server and CGI scanner that performs fast security and informational checks. It identifies vulnerabilities, misconfigurations, and outdated software on web servers.

Description

Nikto is a Perl-based tool using LibWhisker for efficient scanning of web servers and CGI directories. It performs generic and specific checks against server software, detects issues like missing security headers, outdated versions, and uncommon headers. The tool supports output in plain text or HTML formats and features an easily updatable CSV-format checks database.

Use cases include reconnaissance of web applications for known vulnerabilities, such as Apache mod_negotiation enabled with MultiViews, leaked inodes via ETags, or absence of headers like X-Frame-Options and X-XSS-Protection. It scans for allowed HTTP methods, robots.txt entries, and more, providing detailed reports on potential security issues.

Nikto is particularly useful in penetration testing workflows for quick web server enumeration, supporting SSL, proxies with authentication, cookies, and automatic HTTP version switching.

How It Works

Nikto uses LibWhisker for fast security audits, running the checks from an updatable CSV database against a web server. It sends a large number of HTTP requests (371 in the example run referenced by this page) and analyzes each response for indicators such as server information leaks, missing security headers, outdated software versions, and configuration issues. It supports SSL via libnet-ssleay-perl, proxying, cookies, and tuning the scan to specific test categories.
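To make the response-analysis step concrete, here is a small added example (written in Python, not Nikto's own Perl code) that applies the kind of header checks described above to a raw HTTP response head. The two sample responses are constructed inline; the header names, the Apache inode-style ETag pattern, and the list of methods treated as risky are assumptions for illustration, not Nikto's actual check database.

```python
"""Audit an HTTP response head for findings of the kind Nikto reports.

Added example, not Nikto's code. It parses a raw response head and flags:
  - a Server banner that discloses a version,
  - missing X-Frame-Options / X-XSS-Protection headers,
  - an Apache-style ETag ("inode-size-mtime" in hex) that may leak an inode,
  - risky HTTP methods advertised in an Allow header.
"""
import re
from typing import Dict, List, Tuple

# Security headers whose absence is reported (subset, chosen for the example)
EXPECTED_HEADERS = ("X-Frame-Options", "X-XSS-Protection")
# Methods that merit a finding when advertised in an OPTIONS response (assumed set)
RISKY_METHODS = {"PUT", "DELETE", "TRACE", "CONNECT"}
# Apache's default ETag format: three hex fields, e.g. "2cc53-24b-4f3e5b2a1c6c0"
APACHE_ETAG = re.compile(r'^"?[0-9a-f]+-[0-9a-f]+-[0-9a-f]+"?$', re.IGNORECASE)

# Constructed sample: a weakly configured server response head
SAMPLE_WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.2.22 (Debian)\r\n"
    'ETag: "2cc53-24b-4f3e5b2a1c6c0"\r\n'
    "Allow: GET,HEAD,POST,OPTIONS,TRACE\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)

# Constructed sample: the same server after hardening
SAMPLE_HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "X-XSS-Protection: 1; mode=block\r\n"
    'ETag: W/"5e1f-9c3a"\r\n'
    "Allow: GET,HEAD,POST,OPTIONS\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)


def parse_head(raw: str) -> Tuple[str, Dict[str, str]]:
    """Split a raw response head into (status line, {lowercased name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    status, *lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines:
        if ":" not in line:
            continue  # tolerate a malformed line instead of aborting the audit
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return status, headers


def audit(raw: str) -> List[str]:
    """Return a list of human-readable findings for one response head."""
    _, h = parse_head(raw)
    findings: List[str] = []

    server = h.get("server", "")
    if "/" in server:  # "Apache/2.2.22" discloses a version, bare "Apache" does not
        findings.append(f"server banner discloses version: {server}")

    for name in EXPECTED_HEADERS:
        if name.lower() not in h:
            findings.append(f"missing header: {name}")

    etag = h.get("etag", "")
    if APACHE_ETAG.match(etag):
        findings.append(f"ETag matches Apache inode-size-mtime format, may leak inode: {etag}")

    allowed = {m.strip().upper() for m in h.get("allow", "").split(",") if m.strip()}
    risky = sorted(allowed & RISKY_METHODS)
    if risky:
        findings.append("risky methods advertised in Allow: " + ", ".join(risky))

    return findings


if __name__ == "__main__":
    for label, sample in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(f"[{label}]")
        for f in audit(sample) or ["no findings"]:
            print("  -", f)
```

Running the block prints five findings for the weak sample and none for the hardened one; a real scanner like Nikto runs hundreds of such checks per host, but each reduces to the same pattern of a request, a parsed response, and a rule over the headers.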

Installation

    sudo apt install nikto

Flags

-Display      Set display options, e.g., 1234EP for verbosity and error parsing
-o            Output scan results to a file, e.g., report.html
-Format       Output format, e.g., htm for HTML
-Tuning       Tune the scan to specific test categories, e.g., 123bde
-host         Specify the target host or IP to scan
-Add-header   Add custom HTTP headers (can be used multiple times)
-ask          Control submission of updates: yes (ask each time), no (don't send), auto (send without asking)
-check6       Check whether IPv6 is working by connecting to ipv6.google.com or the nikto.conf value
-Cgidirs      Scan specific CGI directories: none, all, or paths like /cgi/ /cgi-a/

Examples

Scan the target web server with verbose display, HTML output to report.html, and tuned tests, detecting issues like missing headers and outdated Apache:
    nikto -Display 1234EP -o report.html -Format htm -Tuning 123bde -host 192.168.0.102

Display the full list of Nikto command-line options and usage:
    nikto -h

Force a check of all possible CGI directories during the scan:
    nikto -C all

Show help for replay.pl, which replays saved scan results:
    replay -h

Parse and replay requests from a saved scan result file:
    replay -file <file>

Replay saved requests through a specified proxy:
    replay -proxy host:port

Open the generated HTML scan report in the Firefox browser:
    firefox report.html
Updated 2026-04-16. Source: kali.org