Nikto

CIRT.net

Web server scanner that tests for thousands of known vulnerable files and misconfigurations.

Vulnerability Management Free & Open Source CLI Learning Cross-platform

Cyber Kill Chain & Defender Lifecycle

Attacker — Kill Chain
1 Reconnaissance
2 Weaponization
3 Delivery
4 Exploitation
5 Installation
6 Command & Control
7 Actions on Objectives
Defender — IR Lifecycle
8 Detection / Monitoring
9 Containment & Eradication
10 Post-incident Forensics

Description

Nikto is a noisy but effective web server scanner. It tests a target against more than 6,700 potentially dangerous files and programs, checks for outdated server versions and version-specific problems, and looks for common misconfigurations. It makes no attempt at stealth: every check is a plain HTTP request that lands in the target's access log and will trip most WAF and IDS signatures, so use it where noise is acceptable and only against hosts you are authorised to test.

Nikto's role compared to Burp/ZAP:

  • Nikto = server-level weaknesses (default pages, banner, dangerous CGIs, HTTP methods).
  • Burp/ZAP = application-level weaknesses (auth, business logic, injection).

Use cases

  • Pre-engagement reconnaissance against external assets
  • Baseline check after spinning up a new web tier
  • Quick triage when an EDR flags an unfamiliar web service

Example

nikto -h https://target.example.com -Tuning 123bde -o report.html -Format htm

-Tuning 123bde limits the run to the server-level checks above: 1 interesting files, 2 misconfigurations and default files, 3 information disclosure, b software identification, d web services, e administrative consoles. Injection, remote file retrieval and denial-of-service checks (4 to 9, 0, a, c) are left out. -Format htm writes an HTML report to the file given with -o; -Format csv produces one finding per line, which is easier to diff in a pipeline.
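The baseline use case above, as an added example that is not part of Nikto or CIRT.net: scan a freshly built web tier with the same -Tuning set, then compare the CSV findings against a previously accepted baseline and report only what is new. It assumes nikto is on PATH for the scan step and that -Format csv emits one finding per line as "host","ip","port","id","method","uri","message". The two CSV reports embedded below are constructed sample data, not real scan output, so the comparison runs offline.

```shell
#!/bin/sh
# Added example (not Nikto's own code): use one Nikto CSV report as an
# accepted baseline and flag only findings that are new on a rebuilt host.
# Assumed CSV layout per line: "host","ip","port","id","method","uri","message"
set -e

# Scan with the server-level tuning set from the Example above.
# Needs nikto and network access; not invoked by the offline demo below.
nikto_scan() {
    nikto -h "$1" -Tuning 123bde -Format csv -o "$2"
}

# Reduce each finding to a comparable key: port|method|uri|message.
# Host and IP are dropped so a baseline taken on one instance applies to the
# next one built from the same image. Lines that are not findings are skipped.
finding_keys() {
    awk -F'","' '/^"/ {
        sub(/^"/, "", $1); sub(/"$/, "", $NF)
        print $3 "|" $5 "|" $6 "|" $7
    }' "$1" | sort -u
}

# Print keys present in the current report ($2) but absent from baseline ($1).
new_findings() {
    tmpb=$(mktemp) && tmpc=$(mktemp)
    finding_keys "$1" > "$tmpb"
    finding_keys "$2" > "$tmpc"
    comm -13 "$tmpb" "$tmpc"
    rm -f "$tmpb" "$tmpc"
}

# Count of new findings, usable as a pipeline gate (non-zero means fail).
new_finding_count() {
    new_findings "$1" "$2" | wc -l | tr -d ' '
}

# --- Constructed sample reports so the demo runs offline (not real output) ---
BASE_CSV=$(mktemp)
CUR_CSV=$(mktemp)
cat > "$BASE_CSV" <<'EOF'
"web-a.example.com","203.0.113.10","443","000012","GET","/","The anti-clickjacking X-Frame-Options header is not present."
"web-a.example.com","203.0.113.10","443","000018","GET","/","Server banner reveals software version."
EOF
cat > "$CUR_CSV" <<'EOF'
"web-b.example.com","203.0.113.11","443","000012","GET","/","The anti-clickjacking X-Frame-Options header is not present."
"web-b.example.com","203.0.113.11","443","000018","GET","/","Server banner reveals software version."
"web-b.example.com","203.0.113.11","443","000100","GET","/server-status","Apache mod_status page is exposed."
EOF

echo "Findings on web-b not present in the accepted baseline:"
new_findings "$BASE_CSV" "$CUR_CSV"
echo "new finding count: $(new_finding_count "$BASE_CSV" "$CUR_CSV")"
```

In a real pipeline, replace the heredocs with `nikto_scan "$NEW_HOST" current.csv` and a checked-in baseline.csv, and fail the job when new_finding_count is non-zero. The key deliberately excludes host and IP; if you also want to catch a finding that moved from one port to another, keep the port in the key as shown, otherwise drop $3 as well.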