Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.
For this blog, I use the IP address 22.214.171.124.
1. To start Nikto in Kali Linux, open a terminal and type nikto.
2. Now type nikto -h to see all the functionality available in Nikto.
3. If you want to scan a server IP, type this command. The scan takes some time and shows any vulnerabilities it finds.
Command: nikto -h serverIp
Example: nikto -h 126.96.36.199
Here -h means the host.
4. If you want to scan a specific port on the server IP, type this command and press Enter. It will show you the result.
Command: nikto -h serverIp -p port
Example: nikto -h 188.8.131.52 -p 80
Here -p means Port
5. If you want to save the scan result directly to a text file, use this command.
Command: nikto -h serverIp -o fileName -F fileExtension
Example: nikto -h 184.108.40.206 -o result -F txt
6. We can use a proxy server to scan serverIp. For this, we first need to open the Nikto config file and uncomment these two lines.
Then save the file.
We can locate the Nikto config file using this command.
Command: locate nikto.conf
After saving the file, go to the terminal and enter this command. It will start a scan, but this time through the proxy.
Command: nikto -h serverIp -useproxy
Example: nikto -h 220.127.116.11 -useproxy
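The options from steps 3 to 6 combined into one wrapper, as an added example that is not part of the original post: it runs nikto only against hosts listed in a scope file and rejects malformed ports before building the command. SCOPE_FILE, DRY_RUN, the function names, the report file name and the 192.0.2.10 address are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. SCOPE_FILE, DRY_RUN and the
# function names are hypothetical; only the nikto options come from the steps above.

# One authorized host or IP per line; lines starting with '#' are comments.
SCOPE_FILE="${SCOPE_FILE:-./scope.txt}"

in_scope() {
    # Whole-line, fixed-string match: 192.0.2.1 must not match 192.0.2.10.
    [ -n "$1" ] && [ -f "$SCOPE_FILE" ] &&
        grep -v '^[[:space:]]*#' "$SCOPE_FILE" | grep -Fxq -- "$1"
}

valid_port() {
    # Digits only, at most five of them, and inside 1..65535.
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

scan() {
    # usage: scan HOST [PORT] [proxy]
    host="$1"; port="${2:-80}"; proxy="${3:-}"
    in_scope "$host" || { echo "refusing: '$host' is not in $SCOPE_FILE" >&2; return 2; }
    valid_port "$port" || { echo "refusing: invalid port '$port'" >&2; return 3; }

    # Keep the report name to safe characters so it stays in the current directory.
    safe_host=$(printf '%s' "$host" | tr -c 'A-Za-z0-9.-' '_')
    set -- nikto -h "$host" -p "$port" -o "nikto_${safe_host}_${port}.txt" -F txt

    # -useproxy relies on the proxy settings uncommented in nikto.conf (step 6).
    if [ "$proxy" = "proxy" ]; then set -- "$@" -useproxy; fi

    # DRY_RUN=1 prints the command instead of running it.
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Example (constructed address from the documentation range):
#   echo 192.0.2.10 > scope.txt
#   DRY_RUN=1 scan 192.0.2.10 80 proxy
```

With DRY_RUN unset the function runs nikto itself, so the scope file is the only place a target has to be approved.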
— Happy Hacking —