If you are looking for a more in-depth article about the usage of Nikto, see my blog about Nikto usage.
Syntax:
nikto -h [Target] [Options]
Example:
nikto -h http://example.com
Options/Flags:
-h: Target URL or IP address
-id: Host authentication username and password (e.g., -id admin:password)
-output: Output file
-Format: Output format (e.g., -Format xml)
-ssl: Force SSL mode
-Cgidirs: Scan for CGI directories
-Tuning: Scan tuning (e.g., -Tuning 3)
-Evasion: Evasion technique (e.g., -Evasion 1)
-Plugins: Use specific plugins (e.g., -Plugins tests/ssl)
-list-plugins: List available plugins
-dbcheck: Check database support
-version: Show Nikto version
-help: Help