In this recipe, we have used Nikto to scan an application and generate an HTML report. There are some more options in this tool for performing specific scans or generating specific output formats. Some of the most useful are:
- -H: This shows Nikto's help.
- -config <file>: To use a custom configuration file in the scan.
- -update: This updates plugin databases.
- -Format <format>: This defines the output format; it may be CSV, HTM, NBE (Nessus), SQL, TXT, or XML. Formats such as CSV, XML, and NBE are very useful when we want to use Nikto's results as an input for other tools.
- -evasion <technique>: This uses some encoding techniques to help avoid detection by web application firewalls and intrusion detection systems.
- -list-plugins ...