Nikto

Very basic syntax to run a Nikto scan against a URL:

nikto -h example.com

You can also provide Nikto a list of hostnames/IP addresses instead of a single URL.

Nikto runs against port 80 by default, to scan a HTTPS enabled domain, include the -ssl flag.

nikto -h https://example.com -ssl

The -o flag can be used to export results to a file, the -format flag can be used to specify the file format.

nikto -h https://example.com -ssl -o my_file.txt -Format csv

Last updated 6 months ago