Nikto Cheat Sheet: Scan Options Display Options

The document provides a cheat sheet for using the nikto security scanner. It lists the standard command to scan websites using nikto along with common scan, display, output, and tuning options. Examples are given for scanning a specific host or IP address on certain ports, limiting scan time, skipping 404 checks, and more. Additional resources are provided for further reference on using nikto's various scanning capabilities.

Uploaded by

Karen Martinez

nikto cheat sheet

Installation

$ sudo apt-get install nikto

Standard command to scan websites

nikto -host (web url host name) -port (http port number)

Scan options

nikto -h (Hostname/IP address)                            Scan a host
nikto -h (Hostname) -port (Port Number1),(Port Number2)   Scan host targeting specific ports
nikto -h (Hostname) -maxtime (seconds)                    Define maximum scan time
nikto -h (Hostname) -until                                Scan duration
nikto -h (Hostname) -vhost                                Define host header
nikto -h (Hostname) -no404                                Skip HTTP 404 guessing
nikto -h (Hostname) -nossl                                Stop using SSL during scan
nikto -h (Hostname) -ssl                                  Force to use SSL
nikto -update                                             Update scan engine plugins
nikto -h (Hostname) -dbcheck                              Check database
nikto -h (Hostname/IP address) -output (filename)         Write output to a file
nikto -h (Hostname) -useproxy (Proxy IP address)          Web host scan via a proxy
nikto -h (Hostname) -config (filename.conf)               Use a specified file as a database
nikto -h (Hostname) -nolookup                             Stop DNS lookup for hosts
nikto -h (Hostname) -nocache                              Stop caching responses for scans

Display Options

nikto -h (Hostname) -Display (option)

1   Display redirects
2   Display cookies
3   Display 200 OK responses
4   Display web URLs requiring authentication
D   Display debug output
E   Show HTTP errors
P   Print to STDOUT
V   Verbose output display

Output Options

nikto -h (Hostname) -Format (option)

csv   Comma Separated Value
htm   HTML Format
txt   Plain text
xml   XML Format

Tuning Options

nikto -h (Hostname) -tuning (Option)

0   Upload files
1   View specific file in log
2   Default file misconfiguration
3   Display information disclosure
4   Injection (XSS/Script/HTML)
5   Remote File Retrieval - Inside Web Root
6   Denial of Service
7   Remote File Retrieval - Server Wide
8   Command Execution / Remote Shell
9   SQL Injection
a   Authentication Bypass
b   Software Identification
c   Remote Source Inclusion
x   Reverse Tuning Options

Reference and additional resources - https://github.com/sullo/nikto
