![]() ![]()
I wrote a detailed article on Metasploit recently and you can find it here. #INSTALL NIKTO PROFESSIONAL#Professional pen-testers use Metasploit almost every day. Metasploit is a powerful framework that lets you do everything from scanning to exploiting systems. #INSTALL NIKTO HOW TO#You can choose from CSV, HTML, nbe ( Nessus format), SQL, txt, and XML: > nikto -h -o scan.csv -Format csv Nikto Output formats How to Pair Nikto with Metasploit You can also use the -Format flag to specify an output format. To export a scan result, use the -o flag followed by the file name: > nikto -h -o scan.txt When you are a professional pen-tester, you don't want to repeat scans very often unless there are major changes to the web application. Nikto will start scanning the domains one after the other: Nikto Multi Domain Scan How to Export Scan Results To scan both of them with Nikto, run the following command: > nikto -h domains.txt Let's assume we have a file named domains.txt with two domain names: Nikto will know that the scan has to be performed on each domain / IP address. To scan multiple IP addresses or domains, just put them in a text file separated by newlines. ![]() To do that, use the same -h flag you used for domain scanning: > nikto -h 45.33.32.156 Nikto IP Address Scan How to Scan Multiple IP Addresses From a Text File Sometimes you just want to scan an IP address where a web server is hosted. Nikto will perform a basic scan on port 80 for the given domain and give you a complete report based on the scans performed: Nikto Domain Scan How to Scan a Domain with SSL Enabledįor domains with HTTPS enabled, you have to specify the -ssl flag to scan port 443: > nikto -h -ssl Nikto SSL Enabled Scan How to Scan an IP Address To perform a simple domain scan, use the -h (host) flag: > nikto -h Since Nikto is a command-line tool, you can use the help command to get a list of options: > nikto -Help How to Scan a Domain You should have written permission before you ever try to scan a system or network. Warning:īefore we get into scanning, I want to emphasize that I am not responsible for any damage you do trying to attack systems. #INSTALL NIKTO INSTALL#Now that you know what Nikto is and how to install it, let's go ahead and run some scans. It can be downloaded from here: Ĭomplete installation instructions for all platforms can be found here. If you don’t have Nikto on Kali (for some reason), you can get Nikto from GitHub or just use the “apt install nikto” command.įor installing Nikto on Windows, you must first install the Perl interpreter. If you’re using Kali Linux, Nikto comes preinstalled and will be present in the “Vulnerability Analysis” category. Since Nikto is a Perl-based program, it can run on most operating systems with the necessary Perl interpreter installed.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |