Nikto is available on its author’s web site at http://www.cirt.net. Download the latest tar.gz file of the Nikto source code. After uncompressing it, execute perl nikto.pl from the command line to see the program’s options. This chapter was written using Nikto 1.32 as a reference, but future versions should be very similar, as the core is stable.
To use Nikto you must have a Perl interpreter on your system. If you
want to use Nikto’s SSL scanning features you must
install the SSL software and libraries. You can
get these for Windows systems from http://www.activestate.com/. If
you’re running Nikto on a Unix-like system, you can
get
OpenSSL from http://www.openssl.org/ and the
Net::SSLeay
module from http://www.cpan.org/. At its foundation Nikto
uses
RFP’s LibWhisker, which
comes bundled with the tar.gz file; optionally
you can place Nikto in the Perl library search path.
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.