Nikto: Definition, Features and Disadvantages
What is Nikto?
Nikto is an open source (GPL) web server scanner that performs tests against 6700 potentially dangerous files and programs. Nikto also checks for outdated versions of over 1250 servers. It was created by David Lodge and Chris Sullo, and its first version was released on 27 December 2001.
It is written in the Perl programming language. It checks for the presence of multiple index files and HTTP server options.
Features of Nikto
1. It can find SQL injection, XSS, and other common vulnerabilities.
2. It can identify installed software via headers, favicons, and files.
3. It can also guess the subdomains of the scanned domain.
4. The reports it generates can be exported in plain text, XML, HTML, and CSV formats.
5. It can be integrated with Nessus.
6. It exports to Metasploit.
7. It can be auto-paused at a specific time.
8. It can be easily updated via the command line.
9. It includes support for SSL (HTTPS) websites.
10. It has full HTTP proxy support.
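The outdated-version check and the header-based software identification described above can be sketched as follows. This is an added example, not Nikto's own code or database: it parses the Server and X-Powered-By banners from a response head and flags products below a baseline. The function names, the baseline versions and the sample response are all constructed for illustration.

```python
import re

# Constructed baseline: lowest version treated as current for each product.
# These numbers are illustrative placeholders, not real release data.
BASELINE = {
    "apache": (2, 4, 50),
    "nginx": (1, 20, 0),
    "openssl": (3, 0, 0),
}
# A banner token looks like Product/1.2.3; trailing letters (1.1.1k) are ignored.
TOKEN = re.compile(r"([A-Za-z][\w.-]*)/(\d+(?:\.\d+)*)")

def parse_headers(raw):
    """Split a raw HTTP response head into a lowercase-keyed header dict."""
    headers = {}
    for line in raw.splitlines()[1:]:          # skip the status line
        if not line.strip():
            break                              # blank line ends the headers
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def banner_products(headers):
    """Return [(product, version_tuple)] found in Server / X-Powered-By."""
    found = []
    for name in ("server", "x-powered-by"):
        for product, version in TOKEN.findall(headers.get(name, "")):
            numbers = tuple(int(part) for part in version.split("."))
            found.append((product.lower(), numbers))
    return found

def outdated(raw):
    """List (product, seen, baseline) for banner products below the baseline."""
    results = []
    for product, seen in banner_products(parse_headers(raw)):
        minimum = BASELINE.get(product)
        if minimum and seen < minimum:         # tuple comparison, field by field
            results.append((product, seen, minimum))
    return results

# Constructed sample response head (not captured from a real server).
SAMPLE = ("HTTP/1.1 200 OK\r\nServer: Apache/2.4.49 (Unix) OpenSSL/1.1.1k\r\n"
          "X-Powered-By: PHP/8.1.2\r\n\r\n")
print(outdated(SAMPLE))
```

Banners can be removed or altered by the server operator, so a clean result from a header check does not show that the software is current.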
Disadvantage of Nikto
Nikto runs at the command line without any graphical user interface.