Nikto Review Including Alternatives

Nikto is a free command line vulnerability scanner. This type of software searches for the presence of loopholes known to be used by hackers who want to sneak into a system or send malware to it.

A great benefit of vulnerability scanners is that they run through a series of checks automatically without the need for note-taking or decision-making by a human operator. This means that the user doesn’t need to have any cybersecurity knowledge to use the tool and can get a full assessment of the system without paying for an expensive consultancy service. Thus, vulnerability scanners save businesses time and money. In addition, Nikto is free to use, which is even better.

The history of Nikto

Nikto was first released in December 2001. The system was created by Chris Sullo, a security consultant and penetration tester. The project remained open-source and community-supported while Sullo continued with his career.

Open source projects have lower costs than commercial software development because the organization doesn’t have to pay for developers. In the case of Nikto, the entire base package was written by one person and then enhanced by other enthusiasts.

One source of income for the project lies with its data files, which supply the list of exploits to look for. Unfortunately, the package of exploit rules is not free. This puts the project in a difficult position. On the one hand, its promise of free software is attractive. On the other hand, however, the extra hidden cost is off-putting and would force potential users to reconsider.

The prospect of paying to use the system brings it into competition with commercially-developed vulnerability managers, which have bigger budgets to fund development. Nikto struggled with finance until February 2014, when Invicti (formerly Netsparker) became a partner to the project, providing funding and organizational expertise. Invicti sponsors Nikto to this date.

Invicti produces a vulnerability scanner that can also be used as a development testing package.

Nikto usage

Nikto is currently billed as Nikto2. The tool is now 20 years old and has reached version 2.5. This is a Web server scanner that looks for vulnerabilities in Web applications. The package has about 6,700 vulnerabilities in its database.

Routines in Nikto2 look for outdated software contributing to the delivery of Web applications and check on the Web server’s configuration. The system can scan ports on Web servers and can scan multiple servers in one session. The scanner tries a range of attacks as well as looking for exploits. For example, it will probe credentials, working through a dictionary of well-known usernames and passwords that hackers know to try.

The sequence of tests also includes an anti-IDS attack that will help you to check on the abilities of your intrusion detection system if you have one installed.
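To check whether a scan run against your own server is visible to your monitoring, you can look for its footprint in the Web server's access log. The following is an added example, not part of the original article or of Nikto itself: it assumes combined-format access logs, and the thresholds, the `nikto` User-Agent marker, and the sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "METHOD path PROTO" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def find_scanner_clients(lines, min_paths=5, min_404_ratio=0.8):
    """Return {ip: [reasons]} for clients whose requests look like a scanner run.

    Thresholds are illustrative assumptions; tune them to your own traffic.
    """
    stats = defaultdict(lambda: {"paths": set(), "total": 0, "not_found": 0, "ua_hit": False})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in combined format
        s = stats[m["ip"]]
        s["total"] += 1
        s["paths"].add(m["path"].split("?", 1)[0])  # count distinct paths, not query strings
        if m["status"] == "404":
            s["not_found"] += 1
        # Weak signal: a self-identifying User-Agent is configurable by the operator.
        if "nikto" in m["ua"].lower():
            s["ua_hit"] = True

    flagged = {}
    for ip, s in stats.items():
        reasons = []
        if s["ua_hit"]:
            reasons.append("user-agent")
        # Stronger signal: many distinct paths requested, almost all of them missing.
        if len(s["paths"]) >= min_paths and s["not_found"] / s["total"] >= min_404_ratio:
            reasons.append("404-burst")
        if reasons:
            flagged[ip] = reasons
    return flagged

# Constructed sample log (documentation IP ranges, invented paths and User-Agents).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "GET /missing.png HTTP/1.1" 404 153 "-" "Mozilla/5.0"',
] + [
    f'192.0.2.10 - - [10/Oct/2023:14:00:{i:02d} +0000] "GET /probe{i}/ HTTP/1.1" 404 153 "-" "Mozilla/5.00 (Nikto/2.5)"'
    for i in range(6)
] + [
    f'203.0.113.5 - - [10/Oct/2023:14:05:{i:02d} +0000] "GET /dir{i}/ HTTP/1.1" 404 153 "-" "curl/8.0"'
    for i in range(6)
]

if __name__ == "__main__":
    for ip, reasons in find_scanner_clients(SAMPLE_LOG).items():
        print(ip, ",".join(reasons))
```

If a scan of your own server produces no flagged client here and no alert in your IDS, the scan was not seen, which is the gap the anti-IDS test is meant to expose.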

The output from each scan will be summarized on the screen, and it is also possible to request a report written to file in plain text, XML, HTML, NBE, or CSV format. Reports can be customized by applying a pre-written template, or it is possible to write your own format template. It is also possible to request detailed logs for individual tests.

Each scanning run can be customized by specifying classes of attributes to exclude from the test plan.

The scan can take a while, and you might wonder whether it is hanging. Unfortunately, as a command-line service, the tool doesn’t have any graphics, such as a progress bar, to show that it is still working. However, the system includes an interrupt procedure that you can invoke by pressing the space bar. This prompts Nikto2 to give a progress report that estimates how much time is remaining for the scan.

Nikto deployment options

Nikto2 operates as a proxy. This intercepts traffic between your Web server and the program that launches all of the tests. A separate process catches traffic and logs results. This scenario is widely used in pen testing tools – for example, both Metasploit and Burp Suite use the proxy model. You need to host both elements on your site, and they can both be run on the same host.

The software is written to run on Linux and other Unix-like operating systems. The tool is built into Kali Linux. This is an open-source project, and you can get the source code from its GitHub repository and modify it if you like to create your custom version.

Nikto strengths and weaknesses

As a free tool with one active developer, the progress on software updates is slow. Despite the sponsorship from Invicti (formerly Netsparker), the project doesn’t seem to have improved its development strategy. For example, the site explains that the release management mechanism is manual and, although there is a planned project to automate this, Chris Sullo hasn’t got around to it yet. This indicates that Sullo is pretty much the sole developer involved in the project. He is also the sole support technician.

There is no message board or data exchange facility for users, so the package doesn’t have the “community support” offered by many other open-source projects.


Strengths:

  • A free base program
  • Thorough checks, with the number of exploits in the standard scan matching that sought by paid vulnerability managers
  • External checks for Web applications
  • Included in Kali Linux


Weaknesses:

  • No GUI interface
  • No development and support team
  • No community forum
  • Won’t work without a paid vulnerability list

Alternatives to Nikto

Nikto is a brave attempt at creating a free vulnerability scanner. However, the lack of momentum in the project and the small number of people involved in managing and maintaining the system mean that if you choose this tool, you are pretty much on your own.

What should you look for in an alternative to Nikto?  

We reviewed the market for vulnerability managers like Nikto and assessed the options based on the following criteria:

  • An installer package for automated installation
  • A GUI interface for ease of use
  • Options for on-demand or scheduled vulnerability scanning
  • A system that can be adapted with customizable rules
  • A well-maintained system with patches to update detection rules and functionality
  • A free tool or an assessment mechanism for paid tools
  • A paid system that offers value for money or a free tool that works

We have compiled a list of some excellent vulnerability managers that offer good alternatives to Nikto with these selection criteria in mind. Keeping in mind that the audience for this guide manages business systems, we also prioritized services that came with a professional support package or gave access to an extensive and active user community for advice.

Here is our list of the six best alternatives to Nikto:

  1. Invicti This is the vulnerability manager offered by the main sponsor of Nikto, and it also presents the best alternative to that open-source tool. Although Invicti isn’t free to use, it is well worth the money. The system can be deployed in several options that provide on-demand vulnerability scans, scheduled scans, or continuous scanning, which provides integrated testing for CI/CD pipelines. This service scans for exploits and examines code to scour for logical errors and potential entry points for zero-day attacks. This is a sophisticated, easy-to-use tool supported by technicians who are available around the clock. This Web application vulnerability manager is offered as a SaaS platform or an on-site software package for Windows and Windows Server. Access a free demo system to assess Invicti.
  2. Acunetix This vulnerability manager is a better bet than Nikto because it offers options for internal network scanning and Web application vulnerability management. This system looks for more than 7,000 external vulnerabilities and more than 50,000 network-based exploits. The scans performed by this system are speedy despite the large number of checks that it performs. Acunetix is offered in three editions that provide on-demand, scheduled, and continuous testing. The tool can be used for Web application development testing as well as vulnerability scanning. This system is available as a SaaS platform or for installation on Windows, macOS, or Linux. Access a demo system to assess Acunetix.
  3. Syxsense Secure This is a cloud-based vulnerability manager that includes a range of additional security services plus system management tools. The vulnerability checking service consists of a port scanner, and the bundle incorporates a patch manager that will get triggered automatically by the vulnerability scanner. Another feature in this service is an endpoint detection and response module (EDR) that scours each endpoint for malware and identifies intrusion and insider threats. The EDR simultaneously works as an agent for the vulnerability scanner and the patch manager, and it is available for Windows, macOS, and Linux. The scanner can be run on-demand or set to repeat on a schedule at a frequency of your choice. The system can also be set to work incrementally and launch automatically whenever threat intelligence updates arrive. The SaaS account also includes storage space for patch installers and log files.  Syxsense Secure is available for a 14-day free trial.
  4. SecPod SanerNow This SaaS platform of security and system management services includes a vulnerability manager, a patch manager, and a configuration manager. The system also provides on-device endpoint detection and response software that can be coordinated from the cloud platform. All of the security and management functions in the SanerNow package can be linked to provide complete security weakness detection and remediation. The tool can be set to run continuously and automatically to ensure system hardening and provide preventative protection. The combination of asset and software management in this bundle also works well for day-to-day operations, such as provisioning and onboarding. It can be used to create new users and set up new devices automatically by applying a profile. All of the monitoring and management functions in the SanerNow bundle include an extensive action and detection logging service that provides a suitable audit trail for compliance reporting. SecPod offers a free trial of SanerNow.
  5. ManageEngine Vulnerability Manager Plus This package contains modules that can fix problems that the vulnerability scanner in the bundle identifies. As these services are offered as a collection, resolution can be triggered automatically by the scanner’s discovery of weaknesses. Those remediation services include a patch manager and a configuration manager. The vulnerability scanner runs on a schedule, with the default launch cycle being every 90 minutes; that frequency can be altered. The exploit database is automatically updated whenever a new hacker attack strategy is discovered. The software installs on Windows Server, and agents scan devices running Windows, macOS, and Linux. ManageEngine offers Vulnerability Manager Plus on a 30-day free trial, and there is also a Free edition, which scans up to 25 devices.
  6. Rapid7 InsightVM This vulnerability scanner is part of a cloud platform that includes all of Rapid7’s latest system security tools. It is possible to subscribe to several of these and get all of the onsite data gathering performed by the same agents. The scanner can operate inside a network, on endpoints, and cloud services. It provides both internal and external scans. In addition, InsightVM includes a risk assessment service that provides a third-party risk notification service and is kept constantly up to date. InsightVM is available for a 30-day free trial.