Ultimate Nikto Cheat Sheet
Ultimate Nikto Cheat Sheet
A reference guide for the classic web server scanner.
1. Basic Scanning
The standard syntax for scanning a target web server.
Simple Scan
Scans port 80 by default.
nikto -h http://target.com
nikto -h 192.168.1.1
Scan Multiple Hosts
To scan a list of IP addresses from a file.
nikto -h targets.txt
2. Ports & Protocols
Specific Ports
Scan a non-standard port.
nikto -h target.com -p 8080
Multiple Ports
nikto -h target.com -p 80,88,443
Force SSL (HTTPS)
If Nikto doesn't detect SSL automatically.
nikto -h target.com -ssl
3. Tuning (Scan Types)
Use the -Tuning (or -T) flag to specify which tests to run. This speeds up scans and reduces noise.
nikto -h target.com -Tuning 123
| Code | Scan Type |
|---|---|
1 | Interesting File (Logs, config files) |
2 | Misconfiguration |
3 | Information Disclosure |
4 | Injection (XSS/Script) |
8 | Command Execution |
9 | SQL Injection |
x | Reverse Tuning (Run everything EXCEPT these) |
Example: Run everything except Denial of Service tests (DoS is code 6).
nikto -h target.com -T x 6
4. Evasion & IDS Bypass
Techniques to obscure the scan from Intrusion Detection Systems (IDS) using -evasion.
nikto -h target.com -evasion 167
Evasion Codes
1: Random URI Encoding2: Directory Self-Reference (/./)3: Premature URL ending6: Send random UTF-8 encoded char8: Send fake Content-Length header
User Agent
Change your signature to look like a browser.
nikto -h target.com -useragent "Mozilla/5.0..."
5. Output & Reporting
Saving your results in a readable format.
Save to File
Nikto guesses the format based on the file extension.
nikto -h target.com -o scan_results.html
nikto -h target.com -o scan_results.xml
nikto -h target.com -o scan_results.csv
Force Format
nikto -h target.com -o result.txt -Format txt
6. Configuration & Auth
Authentication
If the site is protected by Basic HTTP Auth.
nikto -h target.com -id admin:password
Using a Proxy
nikto -h target.com -useproxy http://localhost:8080
Disable Interactive Mode
Use -nointeractive to prevent Nikto from asking questions during the scan (good for scripts).
nikto -h target.com -nointeractive
Update Databases
Update plugins and databases (may require root).
nikto -update
Post a Comment