Nikto: Full tutorial from scratch to pro updated 2024


In this post, you will learn what is nikto and how does it work and a full command tutorial and by end of this post, you will be more familiar with the tool. There is also video format of the post below check that also


What is Nikto

Nikto is a web-based vulnerability scanner, It is open-source software written in Perl language. The primary target of the tools is to do vulnerability scanning.

This tool scans 6,800 vulnerabilities that are commonly available on the sites. The tool also scans 250 platforms from an unpatched site. Also finds some vulnerability in the webserver files. I will use this tool very often, Mostly this tool will be caught in IDS (Intrusion detection sensor) or IPS (Intrusion Prevention sensor).

Also Read: Zenmap full tutorial

There are some alternative tools such as Metasploit, comparing to Metasploit, Nikto is the best tool. Bug bounty hunters use this tool a lot and even hackers use this tool.


Who developed the nikto tool

The tool was developed by Chris Sullo & David Lodge and I wonder how they kept the logo for this tool. And I am in love with this logo. Below are the links to the tool

Features in nikto tool

  1. SSL Support (Unix with OpenSSL or maybe Windows with ActiveState’s
  2. Perl/NetSSL)
  3. Full HTTP proxy support
  4. Checks for outdated server components
  5. Save reports in plain text, XML, HTML, NBE or CSV
  6. Template engine to easily customize reports
  7. Scan multiple ports on a server, or multiple servers via input file (including nmap output)
  8. LibWhisker’s IDS encoding techniques
  9. Easily updated via command line
  10. Identifies installed software via headers, favicons and files
  11. Host authentication with Basic and NTLM
  12. Subdomain guessing
  13. Apache and cgiwrap username enumeration
  14. Mutation techniques to “fish” for content on web servers
  15. Scan tuning to include or exclude entire classes of vulnerability
  16. checks
  17. Guess credentials for authorization realms (including many default id/pw combos)
  18. Authorization guessing handles any directory, not just the root
  19. directory
  20. Enhanced false positive reduction via multiple methods: headers,
  21. page content, and content hashing
  22. Reports “unusual” headers seen
  23. Interactive status, pause and changes to verbosity settings
  24. Save full request/response for positive tests
  25. Replay saved positive requests
  26. Maximum execution time per target
  27. Auto-pause at a specified time
  28. Checks for common “parking” sites


Useful commands in Nikto tool

-config+ :Use this config file
-Display+ :Turn on/off display outputs
-dbcheck : check the database and other key files for syntax errors
-Format+ :save file (-o) format
-Help : Extended help information
-host+ :target host/URL
-id+ : Host authentication to use, the format is id: pass or id:pass: realm
-output+:Write output to this file
-nossl : Disables using SSL
-no404 : Disables 404 checks
-Plugins+ :List of plugins to run (default: ALL)
-port+ :Port to use (default 80)
-root+ :Prepend root value to all requests, the format is /directory
-ssl : Force SSL mode on port
-timeout+ :Timeout for requests (default 10 seconds)

How to work with the Nikto tool ❓

Just follow the below example and I am sure by end of this post you will be familiar with the tool and If you need any additional information on the Nikto tool then watch the YT video at the top.


Installing the Nikto tool

sudo apt-get install nikto
installing tool


Let’s do a standard scan in nikto, which is directly scanning the target

nikto -h <IP/domain>
nikto -h
nikto scan

*Sorry about the scan it is, you can enter your own target


Running a scan on target SSL or TLS

nikto -h -ssl
ssl scan



Scanning specific port on nikto

nikto -h -port 80
scanning vulnerabilities


Saving the scan in an output

nikto -h -output /Downloads/file.txt

You can specify the path you want



Scanning anonymously using Nikto is very easy just add proxychains in front of the command

proxychains nikto -h 


Ignoring certain codes HTTP codes

nikto -h -no404


Scanning multiple ports

nikto -h -port 44,80,22


Some alternatives for Nikto is Arachni, ZAP, searchsploit, Nessus, openVAS and I specifically love this nikto tool and just give it a try to this tool. Overall this is one of the best tools to scan for vulnerabilities and see you in the next post.


Also Read: Legion full tutorial from noob to pro

Also Read: Angry IP scanning full tutorial

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top