Show Menu

Nikto Cheat Sheet - rt Cheat Sheet by

Nikto Cheat Sheet for Quick Reference


Single Port
nikto -h 192.16­8.0.1
Specify Port
nikto -h 192.16­8.0.1 -p 443
nikto -h 192.16­8.0.1 -p 443 -ssl
Multiple Ports
Same Host
nikto -h 192.16­8.0.1 -p 80,88,443
Multiple Host via .txt

Annotated Option List

1 Show redirects
2 Show cookies received
3 Show all 200/OK responses
4 Show URLs which require authen­tic­ation
D Debug output
E Display all HTTP errors
P Print progress to STDOUT
S Scrub outupt of IPs and hostnames
V Verbose output
1 Random URI encoding (non-UTF8)
2 Directory self-r­efe­rence (/./)
3 Premature URL ending
4 Prepend long random string
5 Fake parameter
6 TAB as request spacer
7 Change the case of the URL
8 Use Windows directory separator ()
A Use a carriage return (0x0d) as a request spacer
B Use binary value 0x0b as a request spacer
Help File
List all available plugins, perform no testing
Guess additional file names:
1 Test all files with all root direct­ories
2 Guess for password file names
3 Enumerate user names via Apache (/~user type requests)
4 Enumerate user names via cgiwrap (/cgi-­bin­/cg­iwr­ap/­~user type requests)
5 Attempt to brute force sub-domain names, assume that the host name is the parent domain
6 Attempt to guess directory names from the supplied dictionary file
Provide inform­ation for mutates
Port to use (default 80)
Scan tuning:
1 Intere­sting File / Seen in logs
2 Miscon­fig­uration / Default File
3 Inform­ation Disclosure
4 Injection (XSS/S­cri­pt/­HTML)
5 Remote File Retrieval - Inside Web Root
6 Denial of Service
7 Remote File Retrieval - Server Wide
8 Command Execution / Remote Shell
9 SQL Injection
0 File Upload
a Authen­tic­ation Bypass
b Software Identi­fic­ation
c Remote Source Inclusion
d WebService
e Admini­str­ative Console
x Reverse Tuning Options (i.e., include all except specified)

Scan Tuning

0 File Upload
1 Intere­sting File/ Seen in Logs
2 Miscon­fig­ura­tio­n/D­efault File
3 Inform­ation Disclosure
4 Injection
5 Remote File Retrieval - Web
6 Denial of Service
7 Remote File Retrieval - Server
8 Command Execution / Remote Shell
9 SQL Injection
a Auth Bypass
b Software ID
c Remote Source
x Reverse Tuning

Using a Proxy

Via Command Line
Via nikto.conf
./ -h localhost -useproxy http:/­/lo­cal­hos­t:8080/
perl -h localhost -p 80 -useproxy

Debugging & Updating

-Display v (verbose) d (debug)
git pull

Intera­ctive Features

SPACE - Report current scan status
v - Turn verbose mode on/off
d - Turn debug mode on/off
e - Turn error reporting on/off
p - Turn progress reporting on/off
r - Turn 3xx/re­direct display on/off
c - Turn cookie display on/off
o - Turn 200/OK display on/off
a - Turn auth display on/off
q - Quit (grace­fully)
N - Next host/post
P - Pause


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Nikto Cheat Sheet