Web Vulnerability Scanning using Nikto – To Secure Your Website

In the world of cybersecurity, web servers are a common target for attackers. Attackers routinely scan websites for weaknesses such as outdated software, misconfigurations, and insecure scripts. This is where Nikto, a powerful open-source web server scanner, comes in: it lets defenders find the same issues first.

Nikto is a command-line tool designed to identify potential security risks on web servers. It can detect thousands of known vulnerabilities, including outdated server versions, dangerous files, insecure cookies, and missing security headers. Because of its speed, accuracy, and open-source nature, Nikto is widely used by ethical hackers and security professionals, including those preparing for the CEH (Certified Ethical Hacker) exam.

What is Nikto?

Nikto is an open-source vulnerability scanner that performs comprehensive tests against web servers. It checks for over 6,700 potentially dangerous files/programs and can identify more than 1,200 outdated server versions with known vulnerabilities.

Key Features of Nikto:

  • Detects outdated web server software
  • Scans for common and insecure files
  • Identifies configuration issues
  • Detects missing HTTP security headers
  • Supports SSL/TLS scanning
  • Generates HTML, CSV, or plain-text reports

Why Use Nikto in Web Security?

Web server vulnerabilities can lead to:

  • Data breaches (via outdated scripts and plugins)
  • Website defacement
  • Session hijacking
  • Unauthorized admin access
  • SEO spam infections

By running Nikto scans regularly, security teams can detect and patch issues before cybercriminals exploit them.

How Nikto Works

When you run a Nikto scan, the tool:

  1. Sends multiple HTTP requests to the target web server.
  2. Compares responses against a database of known vulnerability signatures.
  3. Detects potential issues such as:
    • Old Apache, Nginx, or IIS versions
    • Exposed admin directories (like /phpMyAdmin/)
    • Default installation files
    • Weak SSL configurations
  4. Logs all findings into a detailed report for analysis.
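To make the "compare responses against signatures" step concrete, here is an added Python example. It is not Nikto's code and does not use Nikto's signature database: it parses raw HTTP responses, matches the Server banner against a small list of end-of-life version patterns, flags directory indexes and sensitive paths that answer 200, and checks the X-Frame-Options header and cookie flags, then reports findings in a Nikto-like "+ path: detail" form. The responses, banner patterns and path list are all constructed for the demo, so it runs offline against no target.

```python
"""Illustration of the request/compare/report loop a scanner like Nikto runs.
Added example, not Nikto's code: the signature lists and the HTTP responses
below are constructed for this demo so it runs offline with no target."""
import re
from dataclasses import dataclass


@dataclass
class Finding:
    path: str     # request path the finding relates to
    check: str    # short check name, like a Nikto test category
    detail: str   # human-readable explanation for the report


def parse_response(raw: bytes):
    """Split a raw HTTP/1.1 response into (status, headers, body).

    Headers come back as a list of (lowercased name, value) pairs so that
    repeated headers such as Set-Cookie are all preserved."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers, body.decode("utf-8", "replace")


def header_values(headers, name):
    return [value for key, value in headers if key == name]


# Constructed stand-in for a signature database (not Nikto's db_ files).
OUTDATED_SERVER = [
    (re.compile(r"Apache/2\.2\."), "Apache 2.2.x is end-of-life and no longer receives fixes"),
    (re.compile(r"Apache/1\."), "Apache 1.x is end-of-life"),
]
# Paths that should not answer 200 on a production host (constructed subset).
SENSITIVE_PATHS = {
    "/phpMyAdmin/": "phpMyAdmin interface reachable without authentication",
    "/test.php": "test script left on the server",
}


def check_response(path: str, raw: bytes):
    """Compare one response against the signatures; return a list of Findings."""
    status, headers, body = parse_response(raw)
    findings = []
    if path == "/":  # site-wide checks are done once, on the root response
        for banner in header_values(headers, "server"):
            for pattern, why in OUTDATED_SERVER:
                if pattern.search(banner):
                    findings.append(Finding(path, "outdated-server", f"{banner}: {why}"))
        if not header_values(headers, "x-frame-options"):
            findings.append(Finding(path, "missing-header",
                                    "X-Frame-Options not present (clickjacking)"))
    if status == 200 and path in SENSITIVE_PATHS:
        findings.append(Finding(path, "sensitive-path", SENSITIVE_PATHS[path]))
    if status == 200 and "<title>Index of" in body:
        findings.append(Finding(path, "directory-listing", "directory index returned"))
    for cookie in header_values(headers, "set-cookie"):
        name = cookie.split("=", 1)[0]
        attrs = {a.strip().lower() for a in cookie.split(";")[1:]}
        missing = [flag for flag in ("httponly", "secure") if flag not in attrs]
        if missing:
            findings.append(Finding(path, "insecure-cookie",
                                    f"cookie {name} set without {', '.join(missing)}"))
    return findings


def scan(responses: dict):
    """Run every canned response through the checks, as a scanner would do
    with the responses it receives for each probed path."""
    findings = []
    for path, raw in responses.items():
        findings.extend(check_response(path, raw))
    return findings


# Constructed responses standing in for what a lab host might return.
SAMPLE_RESPONSES = {
    "/": (b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Ubuntu)\r\n"
          b"Set-Cookie: PHPSESSID=abc123; path=/\r\n"
          b"Content-Type: text/html\r\n\r\n<html><body>Welcome</body></html>"),
    "/phpMyAdmin/": (b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Ubuntu)\r\n"
                     b"Content-Type: text/html\r\n\r\n"
                     b"<html><title>Index of /phpMyAdmin</title></html>"),
    "/test.php": b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Ubuntu)\r\n\r\nok",
    "/missing": b"HTTP/1.1 404 Not Found\r\nServer: Apache/2.2.8 (Ubuntu)\r\n\r\n",
}

if __name__ == "__main__":
    for f in scan(SAMPLE_RESPONSES):
        print(f"+ {f.path}: [{f.check}] {f.detail}")
```

The 404 response for /missing produces no finding, which is the point of the status check: a scanner that only looked for path names would report every probed path. Real Nikto applies thousands of such checks and also handles custom 404 pages, redirects and SSL details that this sketch leaves out.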

Example Nikto Command

Basic web scan:

nikto -h http://192.168.1.105

Save results as HTML:

nikto -h http://192.168.1.105 -output report.html -Format htm

SSL scan:

nikto -h https://example.com

Common Vulnerabilities Found by Nikto

  • Outdated Server Software – Example: Apache/2.2.8 with known CVEs
  • Directory Listing Enabled – Allows attackers to browse server files
  • Exposed Admin Interfaces – /phpMyAdmin/ without authentication
  • Insecure Cookies – Missing HttpOnly or Secure flags
  • Missing Security Headers – No X-Frame-Options, allowing clickjacking

Best Practices for Using Nikto

  • Always scan in a legal environment (e.g., penetration testing lab or authorized systems).
  • Run scans after updates to check for misconfigurations.
  • Combine Nikto with other tools like Nmap or OpenVAS for deeper analysis.
  • Regularly update Nikto’s vulnerability database for accurate detection.

Nikto Web Vulnerability Scanning Lab

1. Lab Requirements

Target Machine:

  • Use: Metasploitable2
  • IP: 192.168.1.105 (replace with your actual IP)
  • Ping Kali from the target machine (and the target from Kali) to confirm both directions are reachable

Attacker Machine:

  • OS: Kali Linux
  • Tools: Nikto (pre-installed on Kali)

2. Objective

Perform a Nikto scan on a vulnerable web server and identify common vulnerabilities such as:

  • Outdated software
  • Directory listing
  • Default credentials
  • Insecure cookies

3. Lab Setup

  1. Ensure Kali Linux and Metasploitable2 are on the same network (192.168.1.0/24).
  2. Ping the target from Kali to confirm connectivity:

ping 192.168.1.105

  3. Start Apache on Metasploitable2 (if it is not started automatically):

sudo service apache2 start

4. Nikto Scan Execution

Basic Scan:

nikto -h http://192.168.142.130

(Substitute your target's address; in this lab it is 192.168.1.105.)

Full Detailed Scan with Output:

nikto -h http://192.168.1.105 -output nikto_report.html -Format htm

Optional:

  • SSL Scan: nikto -h https://target-ip
  • Specify Port: nikto -h 192.168.1.105 -p 8080

5. Sample Nikto Report Summary

Parameter        Value
Tool Used        Nikto v2.5.0
Target IP        192.168.1.105
Scan Method      HTTP GET, Header & Signature Analysis
Port Scanned     80

🛠️ 6. Vulnerabilities Found (Example)

Vulnerability                              Description
Outdated Apache Version                    Apache/2.2.8 with known exploits
/phpMyAdmin/ Directory Listing Enabled     Sensitive interface exposed
/test.php Found                            Test scripts left on production server
X-Frame-Options Header Missing             Clickjacking possible
Cookie Without HttpOnly Flag               Session hijacking risk

7. Fix Suggestions

Issue                  Recommendation
Outdated Software      Update Apache and PHP to latest versions
phpMyAdmin Exposed     Password-protect or remove access
Test Files Found       Remove unnecessary files from web root
Missing Headers        Add security headers in Apache config
Insecure Cookies       Use Secure and HttpOnly cookie attributes
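A scan of a real host produces far more rows than the example table above, so it helps to map the raw report onto the fix categories automatically. The following Python script is an added example, not part of Nikto: it reads a Nikto CSV report (produced with -Format csv), assigns each row to one of the issue categories from the fix table using simple keyword rules, and prints a remediation summary. It assumes the seven-column layout the Nikto CSV report writes (host, ip, port, test id, method, URI, message); confirm the column order against a report from your own Nikto version. The sample report lines, the placeholder test ids and the matching rules are constructed for this demo.

```python
"""Triage a Nikto CSV report into the remediation categories of the fix table.
Added example, not part of Nikto. Assumes Nikto's seven-column CSV layout
(host, ip, port, test id, method, URI, message); verify against your version.
The sample report and the matching rules below are constructed for this demo."""
import csv
import io
import re

# Constructed sample report for the lab host (not real scan output; the test
# id column is filled with the 000000 placeholder).
SAMPLE_CSV = '''\
"192.168.1.105","192.168.1.105","80","000000","GET","/","Server: Apache/2.2.8 (Ubuntu) DAV/2"
"192.168.1.105","192.168.1.105","80","000000","GET","/","The anti-clickjacking X-Frame-Options header is not present."
"192.168.1.105","192.168.1.105","80","000000","GET","/","Cookie PHPSESSID created without the httponly flag"
"192.168.1.105","192.168.1.105","80","000000","GET","/phpMyAdmin/","Directory indexing found."
"192.168.1.105","192.168.1.105","80","000000","GET","/test.php","Test script found on the server."
'''

COLUMNS = ("host", "ip", "port", "id", "method", "uri", "message")

# Each rule: (category from the fix table, predicate over (uri, message),
# recommendation). First matching rule wins. The patterns are a constructed
# starting set; extend them from the messages your own reports contain.
RULES = [
    ("Outdated Software",
     lambda uri, msg: re.search(r"Apache/(1\.|2\.[02]\.)", msg) is not None,
     "Update Apache and PHP to latest versions"),
    ("phpMyAdmin Exposed",
     lambda uri, msg: uri.lower().startswith("/phpmyadmin"),
     "Password-protect or remove access"),
    ("Test Files Found",
     lambda uri, msg: re.search(r"/test\.php$", uri, re.IGNORECASE) is not None,
     "Remove unnecessary files from web root"),
    ("Missing Headers",
     lambda uri, msg: "header is not present" in msg.lower(),
     "Add security headers in Apache config"),
    ("Insecure Cookies",
     lambda uri, msg: "cookie" in msg.lower() and "without" in msg.lower(),
     "Use Secure and HttpOnly cookie attributes"),
]


def parse_nikto_csv(text: str):
    """Return one dict per report row; blank or malformed rows are skipped."""
    rows = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != len(COLUMNS):
            continue
        rows.append(dict(zip(COLUMNS, row)))
    return rows


def triage(rows):
    """Group rows by remediation category. Rows no rule matches go to
    'Unclassified' so nothing silently drops out of the report."""
    grouped = {category: [] for category, _, _ in RULES}
    grouped["Unclassified"] = []
    for row in rows:
        for category, matches, _ in RULES:
            if matches(row["uri"], row["message"]):
                grouped[category].append(row)
                break
        else:
            grouped["Unclassified"].append(row)
    return grouped


def remediation_summary(grouped):
    """Produce report lines pairing each category with its recommendation."""
    recommendations = {category: fix for category, _, fix in RULES}
    lines = []
    for category, rows in grouped.items():
        if not rows:
            continue
        fix = recommendations.get(category, "Review manually")
        lines.append(f"{category} ({len(rows)} finding(s)): {fix}")
        for row in rows:
            lines.append(f"    {row['method']} {row['uri']} - {row['message']}")
    return lines


if __name__ == "__main__":
    print("\n".join(remediation_summary(triage(parse_nikto_csv(SAMPLE_CSV)))))
```

Keep the Unclassified bucket visible in the output: a Nikto report typically contains informational rows (allowed methods, robots.txt entries) that need a human decision rather than a canned fix, and a triage script that hides them gives a falsely clean summary.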

🧾 8. Report Conclusion (Example)

The Nikto scan revealed multiple security weaknesses including outdated server software, exposed administrative interfaces, and misconfigurations. Immediate remediation is recommended by updating software, restricting sensitive directories, and enhancing HTTP response headers.
