How To Install Nikto Web Scanner on Ubuntu

In this tutorial, we will show you how to install and configure the Nikto web scanner on your Ubuntu server. For those of you who didn’t know, Nikto is an open-source web server scanner that can be used to scan web servers for malicious programs and files. Nikto can also be used to find outdated versions of programs. It gives a quick and easy scan for dangerous files and programs on the server, and at the end of the scan the results are saved in a log file.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will show you the step-by-step installation of Nikto on an Ubuntu server.

Install Nikto Web Scanner on Ubuntu

Step 1. First, make sure that all your system packages are up-to-date by running the following apt-get commands in the terminal.

sudo apt-get update
sudo apt-get upgrade

Step 2. Install some prerequisites.

sudo apt-get install wget unzip libnet-ssleay-perl libwhisker2-perl openssl

Step 3. Installing Nikto Web Scanner on Ubuntu.

The first thing to do is to go to Nikto’s download page and download the latest stable version of the Nikto web scanner. At the moment of writing this article it is version 2.1.5. Once the archive is downloaded, extract it and rename the directory:

tar xvfz nikto-2.1.5.tar.gz
mv nikto-2.1.5/ nikto

Change the current working directory and make the Perl script executable:

cd nikto/
chmod +x nikto.pl

Before performing any scan we need to update the Nikto database packages using:

perl nikto.pl -update

+ Retrieving 'nikto_cookies.plugin'
+ Retrieving 'db_parked_strings'
+ Retrieving 'nikto_headers.plugin'
+ Retrieving 'nikto_report_csv.plugin'
+ Retrieving 'db_tests'
+ Retrieving 'CHANGES.txt'
+ message: Please submit Nikto bugs to

Step 4. Scan for vulnerabilities using Nikto.

For example, the following command will scan your website (example.com is a placeholder; replace it with your own site's hostname):

perl nikto.pl -h example.com

You can check all options supported by Nikto using the -h switch:

perl nikto.pl -h

-config+            Use this config file
-Display+           Turn on/off display outputs
-dbcheck            check database and other key files for syntax errors
-Format+            save file (-o) format
-Help               Extended help information
-host+              target host
-id+                Host authentication to use, format is id:pass or id:pass:realm
-list-plugins       List all available plugins
-output+            Write output to this file
-nossl              Disables using SSL
-no404              Disables 404 checks
-Plugins+           List of plugins to run (default: ALL)
-port+              Port to use (default 80)
-root+              Prepend root value to all requests, format is /directory
-ssl                Force ssl mode on port
-Tuning+            Scan tuning
-timeout+           Timeout for requests (default 10 seconds)
-update             Update databases and plugins from
-Version            Print plugin and database versions
-vhost+             Virtual host (for Host header)
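
A wrapper around the scan command above, as an added example that is not part of the original tutorial: it accepts only hosts on an allow-list you maintain, validates the port, and saves the report using the -output and -Format options from the help listing. NIKTO_DIR, SCOPE, the function names and the example.com hosts are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original tutorial): build a Nikto command line
# from options in the help listing above (-host, -port, -ssl, -output, -Format).
# Assumptions: nikto.pl lives in $NIKTO_DIR, and SCOPE is a space-separated
# list of hosts you are responsible for (constructed sample values below).
NIKTO_DIR="${NIKTO_DIR:-./nikto}"
SCOPE="${SCOPE:-example.com www.example.com}"

# in_scope HOST: succeed only for a plain hostname listed in SCOPE.
# Rejecting a leading '-' keeps a "host" from being parsed as a Nikto option.
in_scope() {
    case "$1" in
        ''|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    for allowed in $SCOPE; do
        if [ "$1" = "$allowed" ]; then return 0; fi
    done
    return 1
}

# valid_port PORT: succeed for an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_nikto_cmd HOST [PORT]: print the command; port 443 adds -ssl and the
# report is saved as CSV with a name derived from the validated inputs.
build_nikto_cmd() {
    host="$1"; port="${2:-80}"
    if ! in_scope "$host"; then echo "refusing: host not in SCOPE" >&2; return 2; fi
    if ! valid_port "$port"; then echo "invalid port" >&2; return 3; fi
    cmd="perl $NIKTO_DIR/nikto.pl -host $host -port $port"
    if [ "$port" -eq 443 ]; then cmd="$cmd -ssl"; fi
    echo "$cmd -output nikto-$host-$port.csv -Format csv"
}

# Run the scan only when a host argument is given on the command line.
if [ "$#" -ge 1 ]; then
    cmd=$(build_nikto_cmd "$@") || exit $?
    echo "+ $cmd"
    $cmd
fi
```

Saved as a script and run with a host and optional port, it prints the assembled command before executing it; a host missing from SCOPE is refused before Nikto is started.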

Congratulations! You have successfully installed Nikto. Thanks for using this tutorial for installing the Nikto web scanner on your Ubuntu 16.04 system. For additional help or useful information, we recommend you check the official Nikto website.
