killchain-compendium/enumeration/nikto/nikto.md

# Nikto
Scan web server vulnerabilities and more.

## mmap Input
* Pipe or pre run nmap
```sh
nmap -p80 172.16.0.0/24 -oG - | nikto -h -
```
```sh
nmap -oG -Pn -p-10000 10.10.214.141 | nikto -h 10.10.214.141 -p -
```

# Usage 

* Example
```
nikto -h http://example.com i -p 80,8080
```
```sh
nikto -id <user>:<password> -h http://example.com:1234/manager/html
```
## Plugins
```sh
nikto -h http://example.com -Plugins apacheusers
```

* List all plugins
```sh
nikto -list-plugins
```
second commit 2021-08-23 01:13:54 +02:00			`# Nikto`
			`Scan web server vulnerabilities and more.`

			`## mmap Input`
			`* Pipe or pre run nmap`
			```sh
			`nmap -p80 172.16.0.0/24 -oG - \| nikto -h -`
			```
			```sh
			`nmap -oG -Pn -p-10000 10.10.214.141 \| nikto -h 10.10.214.141 -p -`
			```

			`# Usage`

			`* Example`
			```
			`nikto -h http://example.com i -p 80,8080`
			```
			```sh
			`nikto -id <user>:<password> -h http://example.com:1234/manager/html`
			```
			`## Plugins`
			```sh
			`nikto -h http://example.com -Plugins apacheusers`
			```

			`* List all plugins`
			```sh
			`nikto -list-plugins`
			```