killchain-compendium/enumeration/nikto/nikto.md

488 B

Nikto

Scan web server vulnerabilities and more.

mmap Input

  • Pipe or pre run nmap
nmap -p80 172.16.0.0/24 -oG - | nikto -h -
nmap -oG -Pn -p-10000 10.10.214.141 | nikto -h 10.10.214.141 -p -

Usage

  • Example
nikto -h http://example.com i -p 80,8080
nikto -id <user>:<password> -h http://example.com:1234/manager/html

Plugins

nikto -h http://example.com -Plugins apacheusers
  • List all plugins
nikto -list-plugins