Nikto
Nikto is basically an open source web server scanner which performs comprehensive tests against web servers for multiple items,including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.Nikto is not designed as an overly stealthy tool.its current version is "Nikto 2.1.5"
Some of its key feature:-
How to use Nikto for scanning web app ?
The usage of this tool is very simple,but before doing these scanning you just need to update it.
Command in backtrack
#./nikto.pl -update (on current directory cd/pentest/web/nikto)
In kali it is.
#nikto -update
To run a basic scan you just need to type.
#nikto -h [ip/target address]
#./nokto -h [ip/host address](in backtrack)
If you want to check different port than use
#nikto -h [target host] -p [port number]
If you want this test via proxy than you can use by this command
#nikto.pl -h [target host] -useproxy http://localhost:8080/
For help and know more options available just use.
#nikto -H
i hope this tut will help you to use nikto scanner if any more doubt please do comment :).
Thank you for reading.
Post a Comment
Post a Comment
Feel Free To Ask Your Query we Love To Answer