
Beginners Guide For Nikto Web Vulnerability Scanner On Kali Linux

 


The web server is the most critical part of a website and the first component that hackers target, probing it for vulnerabilities with automated scanning tools like Nikto and others.

In this article, we are going to learn about the Nikto web vulnerability scanner tool.

Nikto, also known as Nikto2, is an open-source (GPL) and free-to-use web server scanner that performs vulnerability scanning against web servers for multiple items including dangerous files and programs, and checks for outdated versions of web server software. It also checks for server configuration errors and any possible vulnerabilities they might have introduced.

The Nikto vulnerability scanner project is a fast-moving effort, frequently updated with the latest known vulnerabilities. It is used by many bug bounty hunters, cybersecurity professionals, and analysts.

Although this tool is extremely effective, it's not stealthy at all. Any site with an intrusion detection system or similar security measure can easily detect that it is being scanned. Nikto was designed for security testing, so stealth was never a concern.
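Because a default Nikto run is this noisy, it is easy to spot in web server access logs. The Python code below is an added example, not part of the original article: it flags clients whose User-Agent names Nikto, or that request many distinct missing paths within a short window (a signal that does not depend on the User-Agent). The log lines are constructed (the scanner User-Agent is modelled on the Nikto 2.1.x default), and the combined log format, 60-second window and 20-path threshold are assumptions to tune for your own server.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def detect_scanners(lines, window=timedelta(seconds=60), min_404_paths=20):
    """Return {client_ip: sorted reasons} for clients that look like a scanner."""
    reasons = defaultdict(set)
    misses = defaultdict(list)   # ip -> [(time, path)] of 404 responses
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue             # not in the expected log format
        ip = m["ip"]
        if "nikto" in m["ua"].lower():
            reasons[ip].add("user-agent")    # scanner names itself
        if m["status"] == "404":
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            misses[ip].append((ts, m["path"]))
    for ip, hits in misses.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1       # slide the window forward
            if len({p for _, p in hits[start:end + 1]}) >= min_404_paths:
                reasons[ip].add("404-burst") # many distinct missing paths, fast
                break
    return {ip: sorted(r) for ip, r in reasons.items()}

def sample_log():
    """Constructed sample lines (documentation IP ranges), not real traffic."""
    ua_scan = "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)"
    ua_plain = "Mozilla/5.0 (X11; Linux x86_64)"
    fmt = ('{ip} - - [10/Oct/2023:13:55:{s:02d} +0000] "GET {p} HTTP/1.1" '
           '{st} 153 "-" "{ua}"')
    log = [fmt.format(ip="203.0.113.7", s=i, p=f"/cgi-bin/t{i}.cgi", st=404, ua=ua_scan)
           for i in range(25)]
    log += [fmt.format(ip="198.51.100.9", s=i, p=f"/old/p{i}", st=404, ua=ua_plain)
            for i in range(30)]
    log.append(fmt.format(ip="192.0.2.10", s=5, p="/index.html", st=200, ua=ua_plain))
    log.append(fmt.format(ip="192.0.2.10", s=9, p="/nope.ico", st=404, ua=ua_plain))
    return log

if __name__ == "__main__":
    print(detect_scanners(sample_log()))
```

The ordinary visitor at 192.0.2.10, with a single 404, is not reported.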


Advantages of Nikto

  • Open Source: Nikto is an open-source tool, making it accessible to users without any licensing costs. This accessibility contributes to its popularity in the cybersecurity community.
  • Wide Compatibility: It is platform-agnostic, and capable of running on Windows, Linux, and macOS, ensuring that users can leverage its capabilities regardless of their preferred environment.
  • Comprehensive Scans: Nikto performs thorough scans, identifying a wide range of potential vulnerabilities, including outdated software, risky configurations, and known security issues. Nikto can scan for over 6700 potentially dangerous files/CGIs and perform over 1200 server-specific checks.
  • Constant Updates: The Nikto database is continually updated, ensuring that it remains current with the latest security threats and vulnerabilities.
  • Customizable Scans: Nikto allows for the creation of custom scan profiles, offering users a high degree of flexibility to suit their specific requirements.
  • Reporting: It provides detailed and well-structured reports, which are valuable for risk assessment and mitigation planning.

Disadvantages of Nikto

  • False Positives and Negatives: Like many vulnerability scanners, Nikto is not foolproof and can sometimes produce false positives or negatives. It is essential to validate its findings manually.
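  • Limited Authentication: Nikto doesn’t support authentication beyond HTTP authentication (the -id option covered under "Scanning websites that require authentication"), so it cannot log in through an application's login form. While this might be an advantage for some situations, it could limit its effectiveness in others.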
  • Limited to Web Servers: Nikto primarily focuses on web servers and web applications, so it may not be suitable for assessing other aspects of your network.

Installation 

Nikto runs on Linux, Windows, and macOS.

Nikto comes preinstalled on various Linux distributions; just make sure you have the latest version. To install it from the package manager:

sudo apt-get install nikto    # Debian/Ubuntu
sudo yum install nikto        # CentOS/Red Hat

For the help menu, type the command below (-h on its own is the short form of -host and expects a target):

nikto -Help

Configuration

Nikto’s configuration is straightforward, typically done through a configuration file (nikto.conf). You can customize the settings as per your requirements, but the default configuration works well for most scenarios.

To use a custom configuration file, use the -config option:

nikto -config /path/to/custom-config.conf -h example.com

The configuration file allows you to define various options, such as tuning scanning methods, setting custom headers, and specifying the ports and plugins to be used.

Usage

  • Basic Scan: Run a basic Nikto scan against a target web server:

nikto -h https://example.com

  • Saving Results: To save the result, just use -o:

nikto -h https://example.com -o output.html

  • Scanning a Specific Port:

nikto -h https://example.com -p 8083


Replace example.com with the host or IP you wish to scan, and 8083 with the port you wish to scan. The output should look like:


Scanning through a network proxy

Certain websites may only be reachable through a network proxy or from a specific IP. The -useproxy option lets Nikto scan the website through that proxy; pass the proxy as a URL with its port:

nikto -h https://example.com -useproxy http://127.0.0.1:8080

Replace 127.0.0.1 with your proxy IP address and 8080 (a placeholder port) with your proxy's port.

Scanning websites that require authentication

Nikto also includes the ability to scan websites that are protected by HTTP authentication:

nikto -h https://example.com -id username:password

Ignore certain HTTP codes

When running a web server scan with Nikto, it's important to ignore certain HTTP codes, such as 301 redirects, so that unnecessary objects stay out of the results. The -IgnoreCode flag tells Nikto to treat responses with the given codes as negative; the command below does this for 401 responses:

nikto -h https://example.com -IgnoreCode 401

Maximum scan time

When you have a larger website that would take a number of hours to scan, you can cap the run with the maximum time flag, -maxtime. The command below stops testing after 60 seconds:

nikto -h https://example.com -maxtime 60s

Nikto offers a wide range of flags that you can use to customize your scans according to your specific needs.


Tips for Beginners

  • Understand Output:

Nikto provides detailed reports of its web scans. Take time to understand both the vulnerability findings and the informational items.

  • Play with Nikto:

As a beginner, I suggest playing with each and every flag of Nikto to understand what is happening, how each result came about, and which ones are useful to you.

  • Review Nikto Documentation:

The official Nikto documentation is a valuable resource. Refer to it to deepen your understanding of Nikto’s options, configurations, and best practices.
