Install Nikto


Nikto has detected the web server, XSS vulnerabilities, PHP information and a WordPress installation. This output has a lot of useful information, for example:

+ The X-XSS-Protection header is not defined.

Installing Nikto on an Ubuntu system is straightforward, as the package is already available in the default repositories. First, to update the system repositories, we will use the following command:


It can discover overlooked content or scripts and other difficult-to-identify issues from an outside point of view. Nikto can be used to test a web site, a web server or a virtual host for known security vulnerabilities and misconfigurations of files, programs and servers. The vast number of tests for both security vulnerabilities and misconfigured web servers makes it a go-to tool for most security experts and pentesters. Nikto performs more than 6700 tests against a site. It can detect potentially interesting issues by referencing the robots.txt file, by spidering the outside of the application, and by going through a list of known documents that might contain interesting data.


Nikto is one of the open source utilities widely used by pentesters for quick, automated web application vulnerability scanning.