Welcome to Scribd!

100% found this document useful (1 vote)

835 views

Nikto Cheat Sheet: - Tuning

Uploaded by

This document provides a cheat sheet for using the Nikto vulnerability scanner. It lists basic usage examples and options for tuning scans, evasion techniques, output formats, and other settings like specifying ports, proxies, maximum testing times, and updating or checking the Nikto database.

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

SampleResume Example 3 - Home Lab (Junior)
Document2 pages
SampleResume Example 3 - Home Lab (Junior)
milo
100% (1)
Unrealircd Conf
Document15 pages
Unrealircd Conf
ZacharyFoster
No ratings yet
Snorby Installation Guide
Document7 pages
Snorby Installation Guide
newlife439
No ratings yet
Web Penetration Testing with Kali Linux - Second Edition
From Everand
Web Penetration Testing with Kali Linux - Second Edition
Ansari Juned Ahmed
No ratings yet
CyberWar AOCO 2014
Document172 pages
CyberWar AOCO 2014
strokenfilled
0% (1)
Nmap
Document14 pages
Nmap
ayeshashafeeq
No ratings yet
Basic Knowldges of Pentesting 1
Document289 pages
Basic Knowldges of Pentesting 1
micotay599
No ratings yet
Abusing SUDO (Linux Privilege Escalation)
Document5 pages
Abusing SUDO (Linux Privilege Escalation)
Aneudy Hernandez Peña
100% (1)
Checklist 1 After Recon
Document2 pages
Checklist 1 After Recon
sidhant Tech
No ratings yet
XSS in Theory: Cross-Site Scripting
Document12 pages
XSS in Theory: Cross-Site Scripting
Hesham Medhat
No ratings yet
OS Command Injection PDF 1634745915
Document36 pages
OS Command Injection PDF 1634745915
Rodrigo Juan
No ratings yet
Weaponized XSS Workshop
Document54 pages
Weaponized XSS Workshop
teddd
No ratings yet
Web Backdoors Evasion Detection
Document9 pages
Web Backdoors Evasion Detection
h1025090
No ratings yet
Nmap Pentesting
Document12 pages
Nmap Pentesting
Anonymous Hb8sb2yM
100% (1)
Relevant TryHackMe Pentesting Report by Dorota Kozlowska 1646244313 PDF
Document22 pages
Relevant TryHackMe Pentesting Report by Dorota Kozlowska 1646244313 PDF
Hanzo Hayabuto
No ratings yet
006 Course Guide - Bug Bounty & Web Security by ZTM
Document5 pages
006 Course Guide - Bug Bounty & Web Security by ZTM
Darshan Chindarkar
No ratings yet
Advanced Web Service Attacks and Exploitation (AWAE)
Document9 pages
Advanced Web Service Attacks and Exploitation (AWAE)
Prasad More 64
No ratings yet
Lab 19 Metasploit
Document11 pages
Lab 19 Metasploit
oscar tebar
100% (1)
Lab Sheet 3
Document8 pages
Lab Sheet 3
api-241418009
No ratings yet
Module-3: Information Security Management
Document17 pages
Module-3: Information Security Management
Akshi Chauhan
No ratings yet
Syllabus: Penetration Testing Course - Professional Version 4.0
Document35 pages
Syllabus: Penetration Testing Course - Professional Version 4.0
jeandelcarpio
No ratings yet
Packet Sniffers
Document42 pages
Packet Sniffers
Amit Bora
No ratings yet
Mimikatz and Metasploit
Document23 pages
Mimikatz and Metasploit
hihackthis
No ratings yet
Rainbow Crack Tutorial
Document6 pages
Rainbow Crack Tutorial
Tirta Keola
No ratings yet
Dork Joomla
Document3 pages
Dork Joomla
Dhopank OktaViani
No ratings yet
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
Document12 pages
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
LIKITH UMESH
No ratings yet
RAT RemoteAdministrativeTrojan
Document5 pages
RAT RemoteAdministrativeTrojan
Akyll Tutor
No ratings yet
Nmap The Art of Port Scanning PDF
Document6 pages
Nmap The Art of Port Scanning PDF
Japari Japora
No ratings yet
21 Sysadmin Tools For Admins
Document10 pages
21 Sysadmin Tools For Admins
Nova999
No ratings yet
Sqlmap
Document1 page
Sqlmap
hello
No ratings yet
Ultimate Guide To OSCP 2021 - Adithyan AK
Document46 pages
Ultimate Guide To OSCP 2021 - Adithyan AK
Martin Motta
100% (1)
Week 9 - Computer Forensics - Registery Editor Autopsy
Document49 pages
Week 9 - Computer Forensics - Registery Editor Autopsy
kishor jha
No ratings yet
Hacking Techniques and Preventions
Document16 pages
Hacking Techniques and Preventions
Ankur Sen
100% (1)
Exploit Writing Using Metasploit Framework
Document56 pages
Exploit Writing Using Metasploit Framework
Rincón Hacker
No ratings yet
OSCP Exam Report
Document19 pages
OSCP Exam Report
hazemmagdy648
No ratings yet
Hackthebox and Vulnhub
Document15 pages
Hackthebox and Vulnhub
Rizam Ali Javed
No ratings yet
Nethunter
Document12 pages
Nethunter
Centrala Blagajna
No ratings yet
Nmap Command
Document14 pages
Nmap Command
Francis Densil Raj
No ratings yet
Phishing and Malicious Javascript: John Mitchell
Document40 pages
Phishing and Malicious Javascript: John Mitchell
vschauhan
100% (3)
Wireless Penetration Testing
Document11 pages
Wireless Penetration Testing
devil00x
No ratings yet
Offsec Sample Report
Document32 pages
Offsec Sample Report
iuppiter
No ratings yet
Port Scans
Document7 pages
Port Scans
Lju Lju
No ratings yet
How-To: DNS Enumeration: Author: Mohd Izhar Ali
Document13 pages
How-To: DNS Enumeration: Author: Mohd Izhar Ali
dmbowie89
No ratings yet
Intrusion Detection Techniques
Document5 pages
Intrusion Detection Techniques
Joshua Ayoola
100% (1)
5 Ways I Bypassed Your Web Application Firewall (WAF)
Document18 pages
5 Ways I Bypassed Your Web Application Firewall (WAF)
JOSÉ IGNACIO PARRA VALENZUELA
100% (1)
Guide To Penetration Testing
Document18 pages
Guide To Penetration Testing
Jindřich Cieślicki
100% (1)
Ethical Hacking Lab 10
Document33 pages
Ethical Hacking Lab 10
Jeanna Taylor
100% (1)
WWW - Hackingarticles.in: Page - 1
Document56 pages
WWW - Hackingarticles.in: Page - 1
vybi
No ratings yet
Ethical Hacking
Document12 pages
Ethical Hacking
mani3686
No ratings yet
Metasploit Tutorial Part 1: Inside The Metasploit Framework: You Can Read The, On Searchsecurity - in
Document7 pages
Metasploit Tutorial Part 1: Inside The Metasploit Framework: You Can Read The, On Searchsecurity - in
programe info
No ratings yet
Hacking With Kali Linux Useful Guide - Ben Lara
Document92 pages
Hacking With Kali Linux Useful Guide - Ben Lara
Tex59dk
No ratings yet
© 2018 Caendra, Inc. - Hera For PTP - Nessus
Document17 pages
© 2018 Caendra, Inc. - Hera For PTP - Nessus
Saw Gyi
No ratings yet
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
Document15 pages
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
ainz
No ratings yet
The Google Android Security Team's Classifications For Potentially Harmful Applications PDF
Document6 pages
The Google Android Security Team's Classifications For Potentially Harmful Applications PDF
Muhammad Nur Alam
No ratings yet
MTPAHCheatSheetv01 Dark
Document1 page
MTPAHCheatSheetv01 Dark
anuthescorp
No ratings yet
SQLMAP
Document5 pages
SQLMAP
Quratulain Tariq
No ratings yet
77 Linux Commands and Utilities You'Ll Actually Use
Document16 pages
77 Linux Commands and Utilities You'Ll Actually Use
arun0076@gmail.com
No ratings yet
DDoS Mitigation A Complete Guide - 2019 Edition
From Everand
DDoS Mitigation A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Testing intrusion detection Third Edition
From Everand
Testing intrusion detection Third Edition
Gerardus Blokdyk
No ratings yet
Detained
From Everand
Detained
Claire Ainslie
No ratings yet

Nikto Cheat Sheet: - Tuning

Uploaded by

Xavi Luna

100% found this document useful (1 vote)

835 views1 page

Original Description:

Original Title

CheatSheetNikto.pdf

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

100% found this document useful (1 vote)

835 views1 page

Nikto Cheat Sheet: - Tuning

Uploaded by

Xavi Luna

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 1

Search inside document

Nikto Cheat Sheet

Basic Usage!

! nikto -host example.com -port 8080 ! ! ! !

Display Options ! 1 2 3 4 D E P S V ! ! !

Tuning!

-Tuning

-Display

Show redirects Show cookies received Show all 200/OK responses Show URLs which require authentication Debug output Display all HTTP errors Print progress to STDOUT Scrub output of IPs and hostnames Verbose output ! !

Evasion Options! 1 2 3 4 5 6 7 8 A B

1 ! Interesting File / Seen in logs! 2 ! Misconguration / Default File! 3 ! Information Disclosure! 4 ! Injection (XSS/Script/HTML)! 5 ! Remote File Retrieval - Inside Web Root! 6 ! ! Denial of Service! 7 ! Remote File Retrieval - Server Wide! 8 ! Command Execution / Remote Shell! 9 ! SQL Injection! 0 ! File Upload! a ! Authentication Bypass! b ! Software Identication! c ! Remote Source Inclusion! x ! Reverse Tuning Options (i.e., include all ! except specied)! Specify Port Number! Use Proxy!

-evasion

-port!

Random URI encoding (non-UTF8) Directory self-reference (/./) Premature URL ending Prepend long random string Fake parameter TAB as request spacer Change the case of the URL Use Windows directory separator (\) Use a carriage return (0x0d) as a request spacer Use binary value 0x0b as a request spacer

-useproxy! -maxtime -until -nossl ! -ssl -no404 -id ! -key

Maximum testing time per host secs! Run for specied time or duration! Disables SSL! Force SSL! Disables 404 Guessing! Host authentication! format id:pass or id:pass:realm! Client certicate key le! Display Version! Help!

Output File Format! Use -o to save le with le extension.! csv! Comma-separated-value! htm ! HTML Format! msf+ ! Log to Metasploit! nbe ! Nessus NBE format! txt ! Plain text! xml ! XML Format!

-Format !

-Version! -H or -h! -update! -dbcheck! -config

Virtual host! Save Request & Response Headers! Can be replayed with replay.pl

-vhost! -save!

Update! DBCheck! Specify cong le!

NeedSec.com

SampleResume Example 3 - Home Lab (Junior)
Document2 pages
SampleResume Example 3 - Home Lab (Junior)
milo
100% (1)
Unrealircd Conf
Document15 pages
Unrealircd Conf
ZacharyFoster
No ratings yet
Snorby Installation Guide
Document7 pages
Snorby Installation Guide
newlife439
No ratings yet
Web Penetration Testing with Kali Linux - Second Edition
From Everand
Web Penetration Testing with Kali Linux - Second Edition
Ansari Juned Ahmed
No ratings yet
CyberWar AOCO 2014
Document172 pages
CyberWar AOCO 2014
strokenfilled
0% (1)
Nmap
Document14 pages
Nmap
ayeshashafeeq
No ratings yet
Basic Knowldges of Pentesting 1
Document289 pages
Basic Knowldges of Pentesting 1
micotay599
No ratings yet
Abusing SUDO (Linux Privilege Escalation)
Document5 pages
Abusing SUDO (Linux Privilege Escalation)
Aneudy Hernandez Peña
100% (1)
Checklist 1 After Recon
Document2 pages
Checklist 1 After Recon
sidhant Tech
No ratings yet
XSS in Theory: Cross-Site Scripting
Document12 pages
XSS in Theory: Cross-Site Scripting
Hesham Medhat
No ratings yet
OS Command Injection PDF 1634745915
Document36 pages
OS Command Injection PDF 1634745915
Rodrigo Juan
No ratings yet
Weaponized XSS Workshop
Document54 pages
Weaponized XSS Workshop
teddd
No ratings yet
Web Backdoors Evasion Detection
Document9 pages
Web Backdoors Evasion Detection
h1025090
No ratings yet
Nmap Pentesting
Document12 pages
Nmap Pentesting
Anonymous Hb8sb2yM
100% (1)
Relevant TryHackMe Pentesting Report by Dorota Kozlowska 1646244313 PDF
Document22 pages
Relevant TryHackMe Pentesting Report by Dorota Kozlowska 1646244313 PDF
Hanzo Hayabuto
No ratings yet
006 Course Guide - Bug Bounty & Web Security by ZTM
Document5 pages
006 Course Guide - Bug Bounty & Web Security by ZTM
Darshan Chindarkar
No ratings yet
Advanced Web Service Attacks and Exploitation (AWAE)
Document9 pages
Advanced Web Service Attacks and Exploitation (AWAE)
Prasad More 64
No ratings yet
Lab 19 Metasploit
Document11 pages
Lab 19 Metasploit
oscar tebar
100% (1)
Lab Sheet 3
Document8 pages
Lab Sheet 3
api-241418009
No ratings yet
Module-3: Information Security Management
Document17 pages
Module-3: Information Security Management
Akshi Chauhan
No ratings yet
Syllabus: Penetration Testing Course - Professional Version 4.0
Document35 pages
Syllabus: Penetration Testing Course - Professional Version 4.0
jeandelcarpio
No ratings yet
Packet Sniffers
Document42 pages
Packet Sniffers
Amit Bora
No ratings yet
Mimikatz and Metasploit
Document23 pages
Mimikatz and Metasploit
hihackthis
No ratings yet
Rainbow Crack Tutorial
Document6 pages
Rainbow Crack Tutorial
Tirta Keola
No ratings yet
Dork Joomla
Document3 pages
Dork Joomla
Dhopank OktaViani
No ratings yet
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
Document12 pages
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
LIKITH UMESH
No ratings yet
RAT RemoteAdministrativeTrojan
Document5 pages
RAT RemoteAdministrativeTrojan
Akyll Tutor
No ratings yet
Nmap The Art of Port Scanning PDF
Document6 pages
Nmap The Art of Port Scanning PDF
Japari Japora
No ratings yet
21 Sysadmin Tools For Admins
Document10 pages
21 Sysadmin Tools For Admins
Nova999
No ratings yet
Sqlmap
Document1 page
Sqlmap
hello
No ratings yet
Ultimate Guide To OSCP 2021 - Adithyan AK
Document46 pages
Ultimate Guide To OSCP 2021 - Adithyan AK
Martin Motta
100% (1)
Week 9 - Computer Forensics - Registery Editor Autopsy
Document49 pages
Week 9 - Computer Forensics - Registery Editor Autopsy
kishor jha
No ratings yet
Hacking Techniques and Preventions
Document16 pages
Hacking Techniques and Preventions
Ankur Sen
100% (1)
Exploit Writing Using Metasploit Framework
Document56 pages
Exploit Writing Using Metasploit Framework
Rincón Hacker
No ratings yet
OSCP Exam Report
Document19 pages
OSCP Exam Report
hazemmagdy648
No ratings yet
Hackthebox and Vulnhub
Document15 pages
Hackthebox and Vulnhub
Rizam Ali Javed
No ratings yet
Nethunter
Document12 pages
Nethunter
Centrala Blagajna
No ratings yet
Nmap Command
Document14 pages
Nmap Command
Francis Densil Raj
No ratings yet
Phishing and Malicious Javascript: John Mitchell
Document40 pages
Phishing and Malicious Javascript: John Mitchell
vschauhan
100% (3)
Wireless Penetration Testing
Document11 pages
Wireless Penetration Testing
devil00x
No ratings yet
Offsec Sample Report
Document32 pages
Offsec Sample Report
iuppiter
No ratings yet
Port Scans
Document7 pages
Port Scans
Lju Lju
No ratings yet
How-To: DNS Enumeration: Author: Mohd Izhar Ali
Document13 pages
How-To: DNS Enumeration: Author: Mohd Izhar Ali
dmbowie89
No ratings yet
Intrusion Detection Techniques
Document5 pages
Intrusion Detection Techniques
Joshua Ayoola
100% (1)
5 Ways I Bypassed Your Web Application Firewall (WAF)
Document18 pages
5 Ways I Bypassed Your Web Application Firewall (WAF)
JOSÉ IGNACIO PARRA VALENZUELA
100% (1)
Guide To Penetration Testing
Document18 pages
Guide To Penetration Testing
Jindřich Cieślicki
100% (1)
Ethical Hacking Lab 10
Document33 pages
Ethical Hacking Lab 10
Jeanna Taylor
100% (1)
WWW - Hackingarticles.in: Page - 1
Document56 pages
WWW - Hackingarticles.in: Page - 1
vybi
No ratings yet
Ethical Hacking
Document12 pages
Ethical Hacking
mani3686
No ratings yet
Metasploit Tutorial Part 1: Inside The Metasploit Framework: You Can Read The, On Searchsecurity - in
Document7 pages
Metasploit Tutorial Part 1: Inside The Metasploit Framework: You Can Read The, On Searchsecurity - in
programe info
No ratings yet
Hacking With Kali Linux Useful Guide - Ben Lara
Document92 pages
Hacking With Kali Linux Useful Guide - Ben Lara
Tex59dk
No ratings yet
© 2018 Caendra, Inc. - Hera For PTP - Nessus
Document17 pages
© 2018 Caendra, Inc. - Hera For PTP - Nessus
Saw Gyi
No ratings yet
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
Document15 pages
Cysa+ Cs0-002 Exam Topics Notes: 1.0 Threat and Vulnerability Management
ainz
No ratings yet
The Google Android Security Team's Classifications For Potentially Harmful Applications PDF
Document6 pages
The Google Android Security Team's Classifications For Potentially Harmful Applications PDF
Muhammad Nur Alam
No ratings yet
MTPAHCheatSheetv01 Dark
Document1 page
MTPAHCheatSheetv01 Dark
anuthescorp
No ratings yet
SQLMAP
Document5 pages
SQLMAP
Quratulain Tariq
No ratings yet
77 Linux Commands and Utilities You'Ll Actually Use
Document16 pages
77 Linux Commands and Utilities You'Ll Actually Use
arun0076@gmail.com
No ratings yet
DDoS Mitigation A Complete Guide - 2019 Edition
From Everand
DDoS Mitigation A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Testing intrusion detection Third Edition
From Everand
Testing intrusion detection Third Edition
Gerardus Blokdyk
No ratings yet
Detained
From Everand
Detained
Claire Ainslie
No ratings yet

Nikto Cheat Sheet: - Tuning

Uploaded by

Copyright:

Available Formats

You might also like

Nikto Cheat Sheet: - Tuning

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nikto Cheat Sheet: - Tuning

Uploaded by

Copyright:

Available Formats

Nikto Cheat Sheet

! nikto -host example.com -port 8080 ! ! ! !

-useproxy! -maxtime -until -nossl ! -ssl -no404 -id ! -key

-Version! -H or -h! -update! -dbcheck! -config

Update! DBCheck! Specify cong le!

You might also like