Posts Tagged ‘’

niktoHelper – Bridge between Nmap Grepable Output and Nikto

July 7, 2013 Leave a comment

During a penetration test, Nikto is usually used after Nmap. However, sometimes the web servers are virtual hosts (serving more than one website on the same web server)

The usual steps after running Nmap against the hosts are
1. Go to and do a reverse DNS lookup (e.g. IP: on the IPs.
2. If there are no results, check the SSL certificate on the host
3. Run with the vhost parameter. (e.g.)

perl -vhost -maxtime 7200 -Cgidirs all -ssl -host -port 80 -output

This script automates all of the above steps.

Below is what you see when you run without any arguments.

You are able to select the number of threads to use using the -child argument.
To only display the Nikto command output, use the -display argument.


To run nikto against a selected website, key in the number followed by comma
E.g. 1,4,10

To run nikto against all results, key in ALL and press enter
To skip all websites shown, press ENTER or key in NONE followed by enter key.Image

If you use the -display argument, the Nikto command is supposed to be used against the websites are shown on screen.


The script can be downloaded at

If you have any feedback and suggestion, please send it to me below. Thank you