Nikto Cheat Sheet

If you are looking for a more in-depth article about the usage of Nikto, see my blog about Nikto usage.

Syntax:

nikto -h [Target] [Options]

Example:

nikto -h http://example.com

Options/Flags:

  • -h: Target URL or IP address

  • -id: Host authentication username and password (e.g., -id admin:password)

  • -output: Output file

  • -Format: Output format (e.g., -Format xml)

  • -ssl: Force SSL mode

  • -Cgidirs: CGI directories to scan: none, all, or specific paths (e.g., -Cgidirs "/cgi/ /cgi-a/")

  • -Tuning: Scan tuning (e.g., -Tuning 3)

  • -Evasion: Evasion technique (e.g., -Evasion 1)

  • -Plugins: Use specific plugins (e.g., -Plugins tests/ssl)

  • -list-plugins: List available plugins

  • -dbcheck: Check the scan databases and other key files for syntax errors

  • -version: Show Nikto version

  • -help: Help