🦑 Tool: Nikto - Web Server Scanning

Nikto is a web server scanner that detects security vulnerabilities in web servers, including outdated software, security misconfigurations, and other potential threats.

---

### Basic Usage Command:

nikto -h http://example.com

Explanation:
- nikto: Runs the Nikto tool.
- -h http://example.com: Specifies the target host to scan (http://example.com in this case).

---

### Example: Scanning for Specific Vulnerabilities

nikto -h http://example.com -Tuning 3

Explanation:
- -Tuning 3: Scans for known vulnerabilities (such as file permissions, potential information leaks, etc.).

---

### Example: Output Results to a File

nikto -h http://example.com -o scan_results.txt

Explanation:
- -o scan_results.txt: Saves the scan results to a text file named scan_results.txt.

---

### Example: Scan with Authentication

nikto -h http://example.com -auth "admin:password123"

Explanation:
- -auth "admin:password123": Uses basic HTTP authentication with the provided username and password.

---

### Example: Scan a Specific Port

nikto -h http://example.com -p 8080

Explanation:
- -p 8080: Specifies a custom port (8080) to scan for vulnerabilities.

---

### Important Notes:
1. Nikto is a powerful tool for security researchers and penetration testers.
2. Unauthorized scanning and exploitation of web servers is illegal. Always obtain proper authorization before using Nikto for vulnerability assessments.

14 Hours Bug Bounty Course 2024 Updated

https://youtu.be/TTw-EY7F1rM