Using Nikto right

Hello everyone!
Nikto is one of the first tools I encountered when I started learning infosec, but then out of habit and because I watch a lot of ippsec's videos, I quit using it altogether and did most of my recon with the very well known nmap, gobuster, wfuzz... well, you know them I suppose.
Sometimes though, when I'm out of ideas, I fall back to Nikto, just in case it might see something other tools haven't.
The thing is, I can't recall one time where that actually happened. Never have I used Nikto in a way that in the end I would say that was game changing.

So my question is, what's the value of that tool? In which context should I think of using it instead of something else? Is it just a matter of preference or are there actually some things Nikto can do I'm unaware of and I'm missing out on something big?

Comments

  • @dragonista said:

    Hello everyone!
    Nikto is one of the first tools I encountered when I started learning infosec, but then out of habit and because I watch a lot of ippsec's videos, I quit using it altogether and did most of my recon with the very well known nmap, gobuster, wfuzz... well, you know them I suppose.
    Sometimes though, when I'm out of ideas, I fall back to Nikto, just in case it might see something other tools haven't.
    The thing is, I can't recall one time where that actually happened. Never have I used Nikto in a way that in the end I would say that was game changing.

    So my question is, what's the value of that tool? In which context should I think of using it instead of something else? Is it just a matter of preference or are there actually some things Nikto can do I'm unaware of and I'm missing out on something big?

    All tools are a personal choice. Nikto is pretty useless unless there is a web app, for example.

    I often use nikto as part of my enumeration process - along with dirb/gobuster/dirbuster etc. Often it is a case of scanning for folders with (say) Gobuster while Nikto is running.

    There are a couple of boxes where this is definitely the fastest way to find things like an admin login page, or a robots.txt that has usable information in.

    There aren't many tools which are the only tool that does a thing.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I can't help. This isn't Twitter so my DMs are always open.

  • @TazWake said:

    There aren't many tools which are the only tool that does a thing.

    Clearly! But I can't imagine, for instance, doing a good recon on a website without a tool like Gobuster. If not it, then another one that would do the job, or I could create one. In the case of Nikto, I just feel like I'm missing the real value or purpose of it so I was wondering in what typical scenarios you'd say "here's a good time for Nikto!" :)

  • edited January 25

    @dragonista said:
    @TazWake said:

    There aren't many tools which are the only tool that does a thing.

    Clearly! But I can't imagine, for instance, doing a good recon on a website without a tool like Gobuster. If not it, then another one that would do the job, or I could create one. In the case of Nikto, I just feel like I'm missing the real value or purpose of it so I was wondering in what typical scenarios you'd say "here's a good time for Nikto!" :)

    Isn't Nikto a vulnerability scanner? It doesn't fill the same role as wfuzz, ffuf or gobuster. It's just looking for known vulnerabilities from what it can find on the web server.

    HcKy

    Happy to help. If any of my rambling is useful consider leaving some respect.

  • @dragonista said:

    @TazWake said:

    There aren't many tools which are the only tool that does a thing.

    Clearly! But I can't imagine, for instance, doing a good recon on a website without a tool like Gobuster. If not it, then another one that would do the job, or I could create one.

    Ok, then I might not understand the question.

    For directory enumeration (as @HcKy points out) you could use Wfuzz, Ffuf, Dirb, Dirbuster, Gobuster etc.

    Sometimes it makes sense to use more than one - I find different results sometimes between Dirb and Gobuster, which seems strange. If I wanted to do vhost enumeration I'd probably go with Wfuzz over Gobuster, etc.

    It's all down to picking the tool you want to use for a given task.

    In the case of Nikto, I just feel like I'm missing the real value or purpose of it so I was wondering in what typical scenarios you'd say "here's a good time for Nikto!" :)

    Again, as @HcKy says, it's a web app vulnerability scanner. If you find a webapp, you can scan it for vulnerabilities with a variety of tools - Nikto, Nessus/OpenVAS, Grabber, w3af, ZAP or commercial tools like Nexpose.

    TazWake


  • I see, so it might just be me that didn't really understand what it was supposed to be used for. Thanks for your answers, I'll try Nikto again in better suited scenarios :)

  • For me, if I have a web app, running nikto makes sense - simply because it might find something.

    TazWake


  • I first used nikto against the Jerry machine. Was my first time here on HTB.
    And from memory it retrieved a file (config file) containing a password.

    But I don't use nikto often - as @TazWake mentioned; it becomes a preference of what you like to run

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/
