Nikto

VERIFIED

Comprehensive web server vulnerability scanner

Vulnerability ScanningOSS

Easy

LinuxWindowsmacOS

Description

Nikto is an open-source web server scanner that tests for over 6,700 potentially dangerous files and programs, outdated server versions, and version-specific problems. It checks for server configuration issues including multiple index files, HTTP server options, and identifies installed web servers and software through headers and favicons.

Use Cases

Web server misconfiguration detection
Identifying outdated software and known vulnerabilities
Pre-engagement web application surface assessment

Attack Phases

01. RECON

02. SCAN

03. EXPLOIT

04. PERSIST

05. COVER

MITRE ATT&CK Techniques (2)

T1595.002Active Scanning: Vulnerability Scanning

Related Tools (3)

Nuclei Nmap Wapiti