Nikto is an open source web server scanner that has the ability to perform in-depth scans on web servers. This tool can be used to identify server-based vulnerabilities such as server misconfigurations and outdated servers. It can also spot programs and files that may be insecure or software that is misconfigured.
Nikto: Open-Source Web Server Scanner
Nikto is loaded with a long list of features that allows it to effectively perform tests on web servers within the shortest time possible. This tool can be used to run scans on a number of servers and this makes it to be very useful when it comes to testing intranet applications.
Currently, it can be used to run scans for
6700+ items in order to detect any underlying vulnerabilities within a server. Nikto can also be used to carry out checks on in-log files to identify other items that may be unknown. It also supports multiple port scanning allowing you to run tests on a number of ports within a single session. All you have to do is specify the number of ports that you would like to perform scans on.
In advanced use cases parameters such as the
–mutate can be used to launch complex scans on suspected servers. The mutation technique will enable you to combine a number of tests, making the test being performed to have a greater impact or the web server being targeted.
- Metasploit Logging
- Subdomain guessing
- Report saving(using plain text: NBE, XML, CSV, and HTML)
- Multiple Port Scanning
- Easy updates (through command lines)
- Host authentication (using NTLM and Basic)
- LibWhisker’s IDS
- Template engine (for easy report customization)
- Thorough documentation
- SSL support (on Unix that has OpenSSL and windows that have Activestate’s Perl/NetSSL)
- Authorization guessing (handles all directories)
- Scan tuning
- Mutation technique
- Unix/Linux including OS X, Windows (must have ActiveState Perl/ Strawberry Perl)
Clone the repo:
$ git clone https://github.com/sullo/nikto.git
Run as Docker container
$ cd nikto $ docker build -t sullo/nikto
Use -h to list available options:
$ docker run --rm sullo/nikto -h http://www.example.com
Options: -ask+ Whether to ask about submitting updates yes Ask about each (default) no Don't ask, don't send auto Don't ask, just send -Cgidirs+ Scan these CGI dirs: "none", "all", or values like "/cgi/ /cgi-a/" -config+ Use this config file -Display+ Turn on/off display outputs: 1 Show redirects 2 Show cookies received 3 Show all 200/OK responses 4 Show URLs which require authentication D Debug output E Display all HTTP errors P Print progress to STDOUT S Scrub output of IPs and hostnames V Verbose output -dbcheck Check database and other key files for syntax errors -evasion+ Encoding technique: 1 Random URI encoding (non-UTF8) 2 Directory self-reference (/./) 3 Premature URL ending 4 Prepend long random string 5 Fake parameter 6 TAB as request spacer 7 Change the case of the URL 8 Use Windows directory separator (\) A Use a carriage return (0x0d) as a request spacer B Use binary value 0x0b as a request spacer -Format+ Save file (-o) format: csv Comma-separated-value htm HTML Format msf+ Log to Metasploit nbe Nessus NBE format txt Plain text xml XML Format ...
For detailed documentation and instructions click on the “documentation” button below.