• Ethical_Hacker

Website vulnerability scanner or Information Gathering by using Nikto





Before attacking any site, a hacker or penetration tester will first compile a list of target surfaces. After they've done some good recon and found the right places to point their scope at, they'll use a web server scanning tool such as Nikto to hunt down vulnerabilities that could be potential attack vectors.

Nikto is a simple, open-source web server scanner that examines a site and reports back the vulnerabilities it found that could be used to exploit or hack the site. It is also one of the most widely used website vulnerability tools in the industry and, in many circles, is considered the industry standard.


Although this tool is extremely effective, it's not stealthy at all. Any site with an intrusion detection system or other security measures in place will detect that it's being scanned. Nikto was originally designed for security testing, so stealth was never a concern.


Install Nikto

If you're running Kali Linux, Nikto comes preinstalled, so you don't need to download or install anything. It's located in the "Vulnerability Analysis" category. You can also download it from GitHub or type the command below.

  • apt install nikto

Before you dive into scanning web servers with Nikto, use the -Help option to see everything that can be done with Nikto.

  • nikto -Help

Use the Basic Syntax


  • nikto -h <IP or hostname>

Nikto can scan sites that use SSL on port 443, the port that HTTPS sites use (HTTP uses port 80 by default). So we're not limited to scanning old websites; we can do vulnerability assessments on sites that use SSL, which is basically a requirement nowadays to be listed in search results.


If we know it's an SSL site that we're targeting, we can specify that in Nikto to save some time on the scan by adding -ssl to the end of the command.


  • nikto -h <IP or hostname> -ssl


For example, let's start by scanning darkworldhacker.com to see some of the kinds of information that a Nikto scan will show. After it connects to port 443, we see that there's some useful information, such as that the server is xyz, etc.


Now let's try using Nikto on a local network to find embedded information such as the login page for HTTP services or the login page of the router. Let's find our IP address by typing ifconfig.


  • nmap -p 80 192.168.0.0/24 -oG darkworldhacker.txt

Scan an HTTP Website

We have scanned a secure website and an IP address on a local network; now we will scan an HTTP-based website, which means we are scanning a non-SSL website.

Scans with Metasploit

One of the best things about Nikto is that you can export information into a format that Metasploit can read while you are performing a scan. To do so, just use the commands above to perform the scan, but append -Format msf+ to the end. The format can help us quickly pair the data retrieved with a weaponized exploit.



Thus, in this guide, we went from determining the target's surface area to finding a vulnerability and then pairing it with a weaponized exploit so we don't have to do all of the work. Since Nikto is not a stealthy tool, it's wise to perform these kinds of scans from a VPN, through Tor, or another type of service so that your real IP address isn't flagged for suspicious behavior.


Note: This blog and video were created for educational purposes only.


©2020 by Dr. Tech.