This is a draft cheat sheet. It is a work in progress and is not finished yet.
Basic Testing
scan with host |
perl nikto.pl -h 192.168.0.1 |
scan with host and port |
perl nikto.pl -h 192.168.0.1 -p 443 |
scan with url (include host and port) |
|
ssl |
perl nikto.pl -h 192.168.0.1 -p 443 -ssl |
Multiple Port Testing
scan multiple ports |
perl nikto.pl -h 192.168.0.1 -p 80,88,443 |
Multiple Host Testing
Nikto support scanning multiple hosts in the same session via a text file of host names or IPs. Instead of giving a host name or IP for the -h (-host) option, a file name can be given. A file of hosts must be formatted as one host per line, with the port number(s) at the end of each line. Ports can be separated from the host and other ports via a colon or a comma. If no port is specified, port 80 is assumed. |
Valid Hosts File
192.168.0.1:80
http://192.168.0.1:8080/
192.168.0.3
Using a Proxy
To use the nikto.conf file |
perl nikto.pl -h localhost -p 80 -useproxy |
To set the proxy on the command line, use the -useproxy option |
perl nikto.pl -h localhost -useproxy http://localhost:8080/ |
Updating
update new version |
perl nikto.pl -update |
Interactive Features
Report current scan status |
SPACE |
Turn verbose mode on/off |
v |
Turn debug mode on/off |
d |
Turn error reporting on/off |
e |
Turn progress reporting on/off |
p |
Turn redirect display on/off |
r |
Turn cookie display on/off |
c |
Turn OK display on/off |
o |
Turn auth display on/off |
a |
Quit |
q |
Next host |
N |
Pause |
P |
|
