Skip to content
Related Articles

Related Articles

How to Scan Vulnerabilities of Websites using Nikto in Linux?

Improve Article
Save Article
Like Article
  • Last Updated : 03 Jun, 2020

Nikto is an open-source web server scanner which performs comprehensive tests against web servers for multiple items. You can use Nikto with any web servers like Apache, Nginx, IHS, OHS, Litespeed, and so on. Nikto can check for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Items and plugins scanned by Nikto are frequently updated and can be automatically updated.

How to install Nikto?

If you are using a Kali Linux machine then Nikto is already pre-installed in it. You can find it under Vulnerability analysis menu or you can just type in the terminal

nikto -Help

It will launch an option menu which gives a brief about the tool and how to use it, Which looks like this

Nikto help

If you are using any other machine other than Kali you can install Nikto by using package manager example

Arch Linux

pacman -S nikto


apt-get install nikto

or you can simply get the github repository by using wget command and use it:

~ wget .
~ unzip
~ cd /nikto-master/program

 Example For how to use Nikto

Let’s see a very simple example of how to use Nikto in scanning websites for some vulnerability. Use the command:

nikto -h

if you are using git hub repository then just navigate to directory and use:

./ -h

where is scan against the Nginx web server, the scan may take several minutes. You can see the results in the screenshot

My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!