Simple Version

A tool that scans websites for known vulnerabilities and misconfigurations.

What Nikto Does:

• 🔎 Detects outdated server software
• ⚠️ Finds known vulnerabilities (CVE-based checks)
• 📂 Identifies dangerous files & directories
• 🧾 Checks server misconfigurations
• 🔐 Analyzes headers & security settings

Commands:

1. h:

-h is used to specify the target host (website/IP) that Nikto will scan.

Syntax

nikto -h <http://example.com>

You can use it with:

• Domain:

nikto -h example.com