The most critical part of a website is the web server, which is the first component attackers target: they look for exploitable vulnerabilities by running automated scanning tools such as Nikto against it.
In this article, we are going to learn about the Nikto web vulnerability scanner tool.
Nikto, also known as Nikto2, is an open-source (GPL) and free-to-use web server scanner that performs vulnerability scanning against web servers for multiple items including dangerous files and programs, and checks for outdated versions of web server software. It also checks for server configuration errors and any possible vulnerabilities they might have introduced.
The Nikto vulnerability scanner project is a fast-moving effort, frequently updated with the latest known vulnerabilities. It is used by many bug bounty hunters, cybersecurity professionals, and analysts.
Although this tool is extremely effective, it is not stealthy at all. Any site with an intrusion detection system or a similar security measure can easily detect that it is being scanned. Nikto was designed for security testing, and stealth was never a concern.
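The detectability described above, shown as an added example that is not part of the original article: a small Python detector, run over constructed Apache access-log lines, that flags clients whose User-Agent header names Nikto (the scanner's default User-Agent announces itself) or that produce a burst of 404 responses while probing for files that do not exist. The log lines, client addresses and the 404 threshold are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed Apache combined-format log lines (not real traffic). The
# User-Agent strings follow Nikto's default format; IPs and paths are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/117.0"
198.51.100.9 - - [10/Oct/2023:13:55:40 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Port Check)"
198.51.100.9 - - [10/Oct/2023:13:55:40 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)"
198.51.100.9 - - [10/Oct/2023:13:55:41 +0000] "GET /admin/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000002)"
198.51.100.9 - - [10/Oct/2023:13:55:41 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000003)"
203.0.113.7 - - [10/Oct/2023:13:56:02 +0000] "GET /about HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/117.0"
"""

# Apache "combined" format: ip ident user [timestamp] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)
# Signal 1: the scanner names itself in its User-Agent (Nikto is not stealthy).
NIKTO_UA = re.compile(r"\bNikto/", re.IGNORECASE)
# Signal 2: a burst of 404s from one client while it probes for known files.
NOT_FOUND_THRESHOLD = 3  # assumed value; tune to the site's normal 404 rate


def parse_line(line):
    """Return the log fields as a dict, or None if the line is malformed."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def detect_scanners(log_text):
    """Return {ip: {"ua_match": bool, "not_found": int}} for suspicious clients."""
    ua_hits = set()
    not_found = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip unparsable lines rather than crash on them
        if NIKTO_UA.search(rec["ua"]):
            ua_hits.add(rec["ip"])
        if rec["status"] == "404":
            not_found[rec["ip"]] += 1
    suspects = ua_hits | {ip for ip, n in not_found.items() if n >= NOT_FOUND_THRESHOLD}
    return {ip: {"ua_match": ip in ua_hits, "not_found": not_found[ip]} for ip in suspects}


if __name__ == "__main__":
    for ip, info in detect_scanners(SAMPLE_LOG).items():
        print(f"{ip}: nikto_ua={info['ua_match']} 404s={info['not_found']}")
```

The 404-burst signal still fires when the User-Agent has been changed, so the two checks complement each other; in production the counting would be done per time window rather than over a whole file.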
Advantages of Nikto
- Open Source: Nikto is an open-source tool, making it accessible to users without any licensing costs. This accessibility contributes to its popularity in the cybersecurity community.
- Wide Compatibility: It is platform-agnostic, and capable of running on Windows, Linux, and macOS, ensuring that users can leverage its capabilities regardless of their preferred environment.
- Comprehensive Scans: Nikto performs thorough scans, identifying a wide range of potential vulnerabilities, including outdated software, risky configurations, and known security issues. Nikto can scan for over 6700 potentially dangerous files/CGIs and perform over 1200 server-specific checks.
- Constant Updates: The Nikto database is continually updated, ensuring that it remains current with the latest security threats and vulnerabilities.
- Customizable Scans: Nikto allows for the creation of custom scan profiles, offering users a high degree of flexibility to suit their specific requirements.
- Reporting: It provides detailed and well-structured reports, which are valuable for risk assessment and mitigation planning.
Disadvantages of Nikto
- False Positives and Negatives: Like many vulnerability scanners, Nikto is not foolproof and can sometimes produce false positives or negatives. It is essential to validate its findings manually.
- No Authentication: Nikto doesn’t support authentication. While this might be an advantage for some situations, it could limit its effectiveness in others.
- Limited to Web Servers: Nikto primarily focuses on web servers and web applications, so it may not be suitable for assessing other aspects of your network.
Installation
Nikto supports Linux, Windows, and macOS.
Nikto comes preinstalled in various Linux distributions; just make sure you have the latest version of it.
sudo apt-get install nikto (for Debian/Ubuntu)
sudo yum install nikto (for CentOS/Red Hat)
To display the help menu, type the command:
nikto -h
Configuration
Nikto's configuration is straightforward and is typically done through a configuration file (nikto.conf). You can customize the settings to suit your requirements, but the default configuration works well for most scenarios.
To use a custom configuration file, use the -config option:
nikto -config /path/to/custom-config.conf -h example.com
The configuration file allows you to define various options, such as tuning scanning methods, setting custom headers, and specifying the ports and plugins to be used.
Usage
- Basic Scan: Run a basic Nikto scan against a target web server:
nikto -h https://example.com
- Saving the results: use the -o option to write the output to a file:
nikto -h https://example.com -o output.html
- Scanning a Specific Port:
nikto -h https://example.com -p 8083
Replace example.com with the host or IP you wish to scan, and 8083 with the port you wish to scan. The output should look like: