Name:nikto
Category:Scanners
Publisher:trickest
Created:9/7/2021
Container:quay.io/trickest/nikto:dc98b86
Output Type:
License:Unknown

Parameters

host
string
required
-hostTarget host
port
string
-portPort to use (default 80)
proxy
string
-useproxyUse the proxy defined in nikto.conf, or argument http://server:port
until
string
-untilRun until the specified time or duration
vhost
string
-vhostVirtual host (for Host header)
format
string
-FormatOutput file format (Options: csv, html, nbe, txt, xml)
mutate
string
-mutateGuess additional file names
no-404
boolean
-no404Disables nikto attempting to guess a 404 page
no-ssl
boolean
-nosslDisables the use of SSL
dbcheck
boolean
-dbcheckCheck database and other key files for syntax errors
display
string
-DisplayTurn on/off display outputs (options: 1, 2, 3, 4, D, E, P, S, V)
maxtime
string
-maxtimeMaximum testing time per host (e.g., 1h, 60m, 3600s)
timeout
string
-timeoutTimeout for requests (default 10 seconds)
userdbs
string
-UserdbsLoad only user databases, not the standard databases
cgi-dirs
string
-CgidirsScan these CGI dirs: none, all, or values like /cgi/ /cgi-a/
nolookup
boolean
-nolookupDisables DNS lookups
rsa-cert
file
-RSAcertClient certificate file
force-ssl
boolean
-sslForce ssl mode on port
IgnoreCode
string
-IgnoreCodeIgnore Codes--treat as negative responses
use-config
file
-configUse this config file
user-agent
string
-useragentOver-rides the default useragent
scan-tuning
string
-TuningScan tuning:
mutate-options
string
-mutate-optionsProvide information for mutates
root-directory
string
-rootPrepend root value to all requests, format is /directory
client-cert-key
file
-keyClient certificate key file
evasion-technique
string
-evasionEncoding technique
host-authentication
string
-idHost authentication to use, format is id:pass or id:pass:realm