Nikto Cheat Sheet

Nikto Cheat Sheet

If you are looking for a more in-depth article about the usage of Nikto, see my blog about Nikto usage. Click Here


nikto -h [Target] [Options]


nikto -h


  • -h: Target URL or IP address

  • -id: Host authentication username and password (e.g., -id admin:password)

  • -output: Output file

  • -Format: Output format (e.g., -Format xml)

  • -ssl: Force SSL mode

  • -Cgidirs: Scan for CGI directories

  • -Tuning: Scan tuning (e.g., -Tuning 3)

  • -Evasion: Evasion technique (e.g., -Evasion 1)

  • -Plugins: Use specific plugins (e.g., -Plugins tests/ssl)

  • -list-plugins: List available plugins

  • -dbcheck: Check database support

  • -version: Show Nikto version

  • -help: Help