Nikto Cheat Sheet

All the tables in the cheat sheet are also reproduced below as plain text so they are easy to copy and paste.

The Nikto cheat sheet covers:

  • Installation
  • Standard command to scan websites
  • Scan options
  • Display options
  • Output options
  • Tuning options

What’s included in the Cheat Sheet

The following categories and items have been included in the cheat sheet:

Installation

$ sudo apt-get install nikto

Standard command to scan websites

nikto -host <hostname> -port <port>

Scan options

nikto -h <hostname/IP>                          Scan a host
nikto -h <hostname/IP> -port <port1>,<port2>    Scan a host on specific ports
nikto -h <hostname> -maxtime <seconds>          Set the maximum scan time
nikto -h <hostname> -until <time>               Scan until the given time (scan duration)
nikto -h <hostname> -vhost <virtual host>       Set the Host header
nikto -h <hostname> -no404                      Skip HTTP 404 guessing
nikto -h <hostname> -nossl                      Do not use SSL during the scan
nikto -h <hostname> -ssl                        Force SSL
nikto -update                                   Update the scan engine plugins
nikto -dbcheck                                  Check the scan databases
nikto -h <hostname/IP> -output <filename>       Write the scan output to a file
nikto -h <hostname> -useproxy <proxy>           Scan the web host through a proxy
nikto -h <hostname> -config <filename.conf>     Use the specified .conf file
nikto -h <hostname> -nolookup                   Do not perform DNS lookups for hosts
nikto -h <hostname> -nocache                    Do not cache responses during the scan

Display options

nikto -h <hostname> -Display <option>

Option    Effect
1         Display redirects
2         Display cookies
3         Display 200 OK responses
4         Display URLs requiring authentication
D         Display debug output
E         Show HTTP errors
P         Print to STDOUT
V         Verbose output display

Output options

nikto -h <hostname> -Format <format> -output <filename>

Format    Description
csv       Comma separated values
htm       HTML format
txt       Plain text
xml       XML format

Tuning options

nikto -h <hostname> -Tuning <option>

Option    Test category
0         Upload files
1         View specific file in log
2         Default file misconfiguration
3         Display information disclosure
4         Injection (XSS/Script/HTML)
5         Remote File Retrieval - Inside Web Root
6         Denial of Service
7         Remote File Retrieval - Server Wide
8         Command Execution / Remote Shell
9         SQL Injection
a         Authentication Bypass
b         Software Identification
c         Remote Source Inclusion
x         Reverse tuning options (run everything except the listed categories)

Nikto FAQs

What does Nikto command do?

Nikto is a vulnerability scanner for web servers. It produces lists of weaknesses that can be filtered to specific vulnerability types. The scanner looks for thousands of weaknesses, so its output can be overwhelming if you don't target each scan and then categorize the results into groups of weaknesses that can be closed down with a single action.

What is tuning in Nikto?

Tuning is the term used by Nikto for its search settings. Tuning a scan to a specific type of weakness limits the actions of the vulnerability scanner. Tuning is the core step in using Nikto because its breadth is so great that you will receive too much information to deal with if you don’t target each run.

How long does a Nikto scan take?

A full Nikto scan can take 45 minutes to run. To get an idea of the extensive nature of each investigative run, the Nikto system has a list of 6,700 files to look for. The important skill to deploy when using Nikto is learning how to limit each scan to make it quicker to complete and so that the results give you just enough remediation tasks that can be meaningfully handled.
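The tuning table and the two FAQ answers above make the same point: split a long, noisy scan into one bounded run per tuning category so each output file already corresponds to one remediation group. The script below is an added example, not part of the cheat sheet or the Nikto project. It composes the nikto command line from the flags shown in the cheat sheet (-h, -port, -Tuning, -Format, -output, -maxtime) and Nikto's own single-character tuning codes; the host name, port, category labels and output file names are constructed for illustration, and NIKTO_DRY_RUN=1 prints the commands instead of running nikto, so it can be checked on a machine without Nikto installed.

```shell
#!/bin/sh
# Added example (not from the cheat sheet): one Nikto scan per tuning category,
# each bounded by -maxtime and written to its own CSV file, so findings land
# already grouped by the kind of fix they need.
# Assumes the flags shown in the cheat sheet and a lab host you administer.
# NIKTO_DRY_RUN=1 prints the commands instead of executing them.

# Nikto tuning codes paired with constructed labels used in the output file name.
# A "code:label" word list keeps this POSIX sh (no arrays needed).
NIKTO_TUNING_CODES="0:file_upload 2:misconfiguration 3:info_disclosure 4:injection 9:sql_injection a:auth_bypass b:software_id"

# A tuning string may only contain the codes 0-9, a, b, c and x.
valid_tuning() {
    case "$1" in
        "") return 1 ;;
        *[!0-9abcx]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the command line for one category; fails on an invalid tuning string.
# Args: host port tuning label [maxtime-seconds, default 600]
build_scan_cmd() {
    host="$1"; port="$2"; tuning="$3"; label="$4"; maxtime="${5:-600}"
    valid_tuning "$tuning" || return 1
    printf 'nikto -h %s -port %s -Tuning %s -Format csv -output %s_%s.csv -maxtime %s\n' \
        "$host" "$port" "$tuning" "$host" "$label" "$maxtime"
}

# Run (or, in dry-run mode, print) one bounded scan per category.
# Args: host [port, default 80]
scan_by_category() {
    host="$1"; port="${2:-80}"
    for entry in $NIKTO_TUNING_CODES; do
        code="${entry%%:*}"
        label="${entry#*:}"
        cmd="$(build_scan_cmd "$host" "$port" "$code" "$label")" || return 1
        if [ "${NIKTO_DRY_RUN:-0}" = "1" ]; then
            echo "$cmd"
        else
            $cmd
        fi
    done
}

# Usage: NIKTO_DRY_RUN=1 ./scan_by_category.sh lab.example.test 8080
if [ "${1:-}" != "" ]; then
    scan_by_category "$1" "$2"
fi
```

Each run writes to <host>_<label>.csv, so the information-disclosure findings, the misconfiguration findings and so on are already separated when you open them, and no single run exceeds the -maxtime budget. Categories can be added or removed by editing NIKTO_TUNING_CODES; the x code inverts a selection, which is useful for a final run of everything not yet covered.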