Details

Category: Scanners

Publisher: trickest

Created Date: 9/7/2021

Container: quay.io/trickest/nikto:dc98b86

Source URL: https://github.com/sullo/nikto

Parameters

host
string
required
Command: -host - Target host
port
string
Command: -port - Port to use (default 80)
proxy
string
Command: -useproxy - Use the proxy defined in nikto.conf, or argument http://server:port
until
string
Command: -until - Run until the specified time or duration
vhost
string
Command: -vhost - Virtual host (for Host header)
format
string
Command: -Format - Output file format (Options: csv, html, nbe, txt, xml)
mutate
string
Command: -mutate - Guess additional file names
no-404
boolean
Command: -no404 - Disables nikto attempting to guess a 404 page
no-ssl
boolean
Command: -nossl - Disables the use of SSL
dbcheck
boolean
Command: -dbcheck - Check database and other key files for syntax errors
display
string
Command: -Display - Turn on/off display outputs (options: 1, 2, 3, 4, D, E, P, S, V)
maxtime
string
Command: -maxtime - Maximum testing time per host (e.g., 1h, 60m, 3600s)
timeout
string
Command: -timeout - Timeout for requests (default 10 seconds)
userdbs
string
Command: -Userdbs - Load only user databases, not the standard databases
cgi-dirs
string
Command: -Cgidirs - Scan these CGI dirs: none, all, or values like /cgi/ /cgi-a/
nolookup
boolean
Command: -nolookup - Disables DNS lookups
rsa-cert
file
Command: -RSAcert - Client certificate file
force-ssl
boolean
Command: -ssl - Force ssl mode on port
IgnoreCode
string
Command: -IgnoreCode - Ignore Codes--treat as negative responses
use-config
file
Command: -config - Use this config file
user-agent
string
Command: -useragent - Over-rides the default useragent
scan-tuning
string
Command: -Tuning - Scan tuning:
mutate-options
string
Command: -mutate-options - Provide information for mutates
root-directory
string
Command: -root - Prepend root value to all requests, format is /directory
client-cert-key
file
Command: -key - Client certificate key file
evasion-technique
string
Command: -evasion - Encoding technique
host-authentication
string
Command: -id - Host authentication to use, format is id:pass or id:pass:realm