Nikto tutorial for kali linux

This is a basic Nikto tutorial for Kali Linux. For advanced usage, see ‘man nikto’ or the CIRT website (cirt.net), where Nikto is maintained.

Nikto is an open-source web server scanner, written in Perl, that runs a large battery of checks against a web server: outdated server and application versions, dangerous default files, server misconfigurations and other known issues. It is widely used by security professionals as a quick first pass in web application security assessments.

Nikto Features:

  1. Comprehensive Scanning: Nikto checks for over 7,000 potentially dangerous files and programs, including default files and outdated software versions with known vulnerabilities. This coverage makes it a useful tool for finding weaknesses in web servers.
  2. Plugin Architecture: Nikto’s checks are implemented as plugins, so scans can be tailored to the checks that matter for your environment rather than running everything every time.
  3. SSL Support: Nikto can scan HTTPS servers; point -h at an https:// URL, or use -ssl to force SSL on a given port.
  4. Reporting and Output Formats: results can be saved to a file in several formats, including HTML, XML, CSV and plain text, which makes them easy to feed into other tooling or keep as audit evidence.
  5. Ease of Use: the command-line interface is straightforward, so both new and experienced users can run a scan in a single command, which makes it practical for regular assessments.

Nikto scans a web service and looks for known vulnerabilities and misconfigurations, which makes it a useful quick test against a web application. It is not a stealth tool: it sends thousands of requests as fast as it can and is obvious in server logs and to an IDS/IPS, so only run it against systems you are authorised to test.


Nikto tutorial: Basic usage

The only required option is -h, which takes a hostname, an IP address or a full URL (the man page also accepts a text file of hosts):

nikto -h example.com

Nikto only prints what it finds, so a long scan can look as if nothing is happening. Enable verbose output to see what it is doing:

nikto -Display V -h example.com

One of the most useful options is -Tuning, which selects the type of checks Nikto runs. From the man page:

-Tuning

Tuning options will control the test that Nikto will use against a target. By default, if any options are specified, only those tests will be performed. If the “x” option is used, it will reverse the logic and exclude only those tests. Use the reference number or letter to specify the type, multiple may be used:

  • 0 – File Upload
  • 1 – Interesting File / Seen in logs
  • 2 – Misconfiguration / Default File
  • 3 – Information Disclosure
  • 4 – Injection (XSS/Script/HTML)
  • 5 – Remote File Retrieval – Inside Web Root
  • 6 – Denial of Service
  • 7 – Remote File Retrieval – Server Wide
  • 8 – Command Execution / Remote Shell
  • 9 – SQL Injection
  • a – Authentication Bypass
  • b – Software Identification
  • c – Remote Source Inclusion
  • x – Reverse Tuning Options (i.e., include all except specified)

The given string will be parsed from left to right; any x character will apply to all characters to the right of it.

Specifying the test

So, to only perform an SQL injection test against your target:

nikto -Tuning 9 -h example.com

or to run everything except the denial-of-service tests (the tuning string is a single argument, x6, not x 6):

nikto -Tuning x6 -h example.com

Saving results

You can save the results to a file with the -o option, and choose the file format with -Format (csv, htm, txt or xml). If -Format is omitted, Nikto infers the format from the extension of the -o filename, so keep the two consistent.

For example, to run only the SQL injection tests, show verbose output in the terminal and save the results as HTML:

nikto -Display V -o results.html -Format htm -Tuning 9 -h example.com
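Putting the three steps above together (verbose output, a tuning string, and results saved to a file), here is a small wrapper script that runs the same scan against a list of hosts. This is example code added for this page, not part of Nikto or the original post. It assumes nikto is on PATH, that every host in the target list is in scope and authorised, and its tuning_tests helper follows the man page description of tuning strings quoted above rather than Nikto's own parser.

```shell
#!/bin/sh
# Added example for this tutorial (not part of Nikto or the original post):
# run the verbose, tuned, saved-to-file scan from the text against a list of
# hosts. Assumes nikto is on PATH and that every host in the list is in scope
# and authorised. Nikto is noisy: expect IDS/WAF alerts on the target side.

ALL_TESTS='0123456789abc'   # the tuning ids listed in the tutorial

# A tuning string must be one token made only of the ids above and "x".
# "x 6" (two arguments) is rejected; the tutorial's "x6" form is accepted.
valid_tuning() {
    [ -n "$1" ] || return 1
    [ -z "$(printf '%s' "$1" | tr -d '0-9abcx')" ]
}

# Expand a tuning string into the tests that will run, following the man page
# rule quoted above: no "x" -> only the listed tests; "x" -> everything except
# the ids to its right. This mirrors the documentation, not Nikto's parser.
tuning_tests() {
    case "$1" in
        *x*)
            excluded=${1#*x}                     # ids after the first x
            if [ -n "$excluded" ]; then
                printf '%s\n' "$ALL_TESTS" | tr -d "$excluded"
            else
                printf '%s\n' "$ALL_TESTS"
            fi ;;
        *)  printf '%s\n' "$1" ;;
    esac
}

# Only the formats the tutorial names. Note it is "htm", not "html".
valid_format() {
    case "$1" in csv|htm|txt|xml) return 0 ;; *) return 1 ;; esac
}

# Build DIR/HOST.FORMAT, replacing characters that are unsafe in a file name.
# The extension matches -Format on purpose: Nikto infers the format from the
# -o extension when -Format is omitted, so keeping them aligned avoids surprises.
outfile() {
    safe=$(printf '%s' "$2" | tr -c 'A-Za-z0-9._-' '_')
    printf '%s/%s.%s\n' "$1" "$safe" "$3"
}

# scan_host HOST TUNING FORMAT OUTDIR: validate, then run the tutorial's command.
scan_host() {
    valid_tuning "$2" || { echo "bad tuning string: '$2'" >&2; return 2; }
    valid_format "$3" || { echo "bad format: '$3' (csv htm txt xml)" >&2; return 2; }
    mkdir -p "$4"
    out=$(outfile "$4" "$1" "$3")
    echo "[*] $1: running tests $(tuning_tests "$2") -> $out"
    nikto -Display V -Tuning "$2" -o "$out" -Format "$3" -h "$1"
}

# scan_list TARGETS_FILE TUNING FORMAT OUTDIR: one host per line, # comments allowed.
scan_list() {
    command -v nikto >/dev/null 2>&1 || { echo "nikto not found on PATH" >&2; return 127; }
    while IFS= read -r host || [ -n "$host" ]; do
        case "$host" in ''|\#*) continue ;; esac
        scan_host "$host" "$2" "$3" "$4"
    done < "$1"
}

# Usage: sh nikto-scan.sh targets.txt x6 htm results
if [ "$#" -eq 4 ]; then
    scan_list "$@"
fi
```

The validation step is the part worth keeping even if you drop the rest: it catches the easy mistakes with these options, a tuning string split into two arguments, or an -o filename whose extension does not match the -Format value, before a long scan starts.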

You might also like my metasploit tutorial
