NIKTO WEB SCANNER
-h = IP specify
-p = port scan
--list-plugins = Nikto plugins
Examples:
cgi = CGI script lookup for possible exploitation
apacheusers = Apache HTTP Authentication, users enumeration)
robots = robots.txt file analysis
dir_traversal = Directory traversal attack (LFI)
Display = Nikto Output (Arguments: E = error output, 2 = show cookies, 1 = show redirects)
VULNERABILITY SEARCHING
-Tuning (Arguments: 0 = File Upload, 2 = Misconfigurations/Default files, 3 = Information Disclosure, 4 = Injection, 8 = Command Injection, 9 = SQL Injection)
-o = Output report
Last updated