Cheatography https://cheatography.com

Download This Cheat Sheet (PDF)

Comments
Rating: ()

Nikto Cheat Sheet (DRAFT) by fool

--- Nikto Cheat Sheet ---

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Target Options

Specify host	nikto -h <IP/domain>
Specify port	nikto -h <IP/domain> -p <port>
Multiple ports	nikto -h <IP/domain> -p <port1>,<port2>,etc
Specify port in url	nikto -h http(s)://<IP/domain>:<port>

Tuning Options

Specify tuning	-Tuning <option>
Interesting File / Seen in logs	1
Misconfiguration / Default File	2
Information Disclosure	3
Injection (XSS/Script/HTML)	4
Remote File Retrieval - Inside Web Root	5
Denial of Service	6
Remote File Retrieval - Server Wide	7
Command Execution / Remote Shell	8
SQL Injection	9
File Upload	0
Authentication Bypass	a
Software Identification	b
Remote Source Inclusion	c
WebService	d
Administrative Console	e
Reverse (all but specified)	x

Evasion Options

Specify technique	-evasion <option>
Random URI encoding (non-UTF8)	1
Directory self-reference (/./)	2
Premature URL ending	3
Prepend long random string	4
Fake parameter	5
TAB as request spacer	6
Change the case of the URL	7
Use Windows directory separator (\)	8
Use a carriage return (0x0d) as a request spacer	A
Use binary value 0x0b as a request spacer	B

Display Options

Toggle display outputs	-Display <option>
Show redirects	1
Show cookies received	2
Show all 200/OK responses	3
Show URLs which require authentication	4
Debug output	D
Display all HTTP errors	E
Print progress to STDOUT	P
Scrub output of IPs and hostnames	S
Verbose output	V

File Output Options

Output file	-o <filename or . for auto name>
Specify format	-Format <format>
Available formats	csv
	json
	htm (HTML)
	txt
	xml

If format is left unspecified, it will be determined by the extension used in the output filename. Format can also be specified with plugins.

Plugin Examples

-plugin dictionary	Use a dictionary attack to enumerate directories and files
-plugin robots	Check robots.txt for paths to pass to other scripts
-plugin cgi	Check for CGI vulnerabilities
-plugin sitefiles	look for files based on the sites IP or name

Plugins Usage

List plugins	nikto --list-plugins
Specify plugin	-Plugin <plugin name>

Download the Nikto Cheat Sheet

1 Page

PDF (recommended)

PDF (1 page)

Alternative Downloads

Latest Cheat Sheet

2 Pages

(0)

Prediction Market Resolution Cheat Sheet

The mechanism a prediction market uses to resolve smart contracts determines its technical efficiency and its regulatory classification.

12 May 26

predictionmarket

Random Cheat Sheet

1 Page

(0)

Terminal tips Cheat Sheet

28 Jun 15, updated 13 May 16

About Cheatography

Cheatography is a collection of 6906 cheat sheets and quick references in 25 languages for everything from French to business!

Behind the Scenes

If you have any problems, or just want to say hi, you can find us right here:

Recent Cheat Sheet Activity

legal published Prediction Market Resolution.
6 days 8 hours ago

slay239 published my fav movies notes.
1 week 3 days ago

Soahasina published German grammar.
1 week 4 days ago

arthurpedroso updated Google Cloud Command Line.
1 week 5 days ago

ttime21 published TheHarvester.
2 weeks 5 days ago

© 2011 - 2026 Cheatography.com | CC License | Terms | Privacy

Latest Cheat Sheets RSS Feed