Section: User Commands (1)
Updated: 2008-03-26
nikto - web security scanner  


nikto -h host [options]  


nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server. The problems it looks for include server and software misconfigurations, default files and programs, insecure files and programs, and outdated servers and programs.


You can find complete documentation of all options in the file /usr/share/doc/nikto/nikto_manual.html
-h, -host
Host(s) to target. Can be an IP address, hostname or text file of hosts.
Scan these CGI directories in place of those specified in config.txt.
Specify an alternative config file in place of /etc/nikto/config.txt
Check the scan databases for syntax errors.
Specify the LibWhisker IDS evasion technique to use. See the complete manual for possible values.
Only discover HTTP(S) port and server headers.
Save the output file in the specified format (csv, htm, txt or xml).
ID and password to use for authentication.
Specify mutation technique. See the complete manual for possible values.
Do not perform name lookups on IP addresses.
Write report to the specified file.
-p, -port
Which port(s) to test. Defaults to 80.
Delay in seconds between each test.
Control the output of Nikto. See the complete manual, chapter 5, for possible values.
Prepend the specified value to the beginning of every request.
Only test SSL on the ports specified.
Perform a single request. See the complete manual for more information.
Delay in seconds before timeout.
Specify which kind of tests to run against target. See the complete manual for possible values.
Update the plugins and databases from
Use the HTTP proxy defined in config.txt.
Display versions of Nikto, plugins and database.
Specify the Host header to be sent with each request.
Display extended help information.


Configuration file for nikto
Plugins for nikto


nikto was written by Chris Sullo.

This manual page was written by Vincent Bernat for the Debian project (but may be used by others).




