Nikto Web Vulnerability Scanner - How to use nikto?

Weakness Scanning of Any Webserver using linux

 

Weakness is an major kind of fault happen after the creation or during creation of an webserver.Here In this tutorial we will use an powerful  tool that will  gather weakness of an webserver.

TOOL : NIKTO

 

Nikto is an open source webserver and web application scanner written in perl. It is free to use software that can scan any webserver ( Apache, Nginx, Lighttpd, Litespeed, etc.).It can scan over 6700 + vulnerablilities(weakness) .It has ability to scan multiple ports with multiple webserves and can scan through a proxy with http authentication.

 

Installation

 

We use simple description for installation of nikto.If you have kalilinux already then it is already install on the system.If not then FOLLOW here,

 Firstly,

 

 

git clone https://github.com/sullo/nikto

Switch to the nikto/program folder:

 

cd nikto/program

After this you can use Nikto by typing:

./nikto.pl -h http://www.itsecgames.com/

If the above command does not work, you can try:

 

perl nikto.pl -h http://www.itsecgames.com/

If you are using penetration Testing Os(kali linux , parrot os , blackbox etc) then you will install nikto by typing simple code.

sudo apt update
sudo apt install nikto

Note : If some error Happen for a root permission then type sudo at the first in the code (e.g
sudo ./nikto.pl -h https://pko.com.np

Pratical Use

 here i will test on kali linux if you are using linux then you can i

nikto-h www.TYPEWEBSITE.com

 

scanning a port using nikto 

nikto -h www.TYPEWEBSITE.com -port <PORT.NO>

in this way the process of scaning can be completed using nikto .THANK U!