Install Nikto on Raspberry Pi

Nikto is an open-source command-line web server scanner. It runs a series of tests against a web server to find security issues such as server misconfiguration, outdated software, and insecure or default files.

This tutorial demonstrates how to install Nikto on Raspberry Pi.

Install Nikto

Connect to the Raspberry Pi via SSH. Make sure the package lists are up to date:

sudo apt update

Install Nikto with the following command:

sudo apt install -y nikto

We can check the installed Nikto version as follows:

nikto -Version

Testing Nikto

To scan a web server for vulnerabilities, run the nikto command and specify the target host with the -h option:

nikto -h 192.168.0.184

Nikto runs its tests against the web server and prints output similar to this:

---------------------------------------------------------------------------
+ Target IP:          192.168.0.184
+ Target Hostname:    192.168.0.184
+ Target Port:        80
+ Start Time:         2021-05-14 05:58:44 (GMT3)
---------------------------------------------------------------------------
+ Server: Apache/2.4.46 (Debian)
+ Server leaks inodes via ETags, header found with file /, fields: 0x29cd 0x5c2412785e8f7
+ The anti-clickjacking X-Frame-Options header is not present.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Allowed HTTP Methods: OPTIONS, HEAD, GET, POST
+ OSVDB-561: /server-status: This reveals Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
+ 6544 items checked: 0 error(s) and 4 item(s) reported on remote host
+ End Time:           2021-05-14 05:58:57 (GMT3) (13 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
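
The following is an added example, not part of the original tutorial or of Nikto itself: a small shell filter that reduces a plain-text report like the one above to the server banner and the findings, with a coarse tag on each finding. The function names, the tags and the matching patterns are assumptions fitted to this sample output.

```shell
#!/bin/sh
# Added example: reduce a Nikto plain-text report to banner + tagged findings.

# Sample input: the scan output shown in this tutorial, embedded to run offline.
sample_report() {
cat <<'EOF'
---------------------------------------------------------------------------
+ Target IP:          192.168.0.184
+ Target Hostname:    192.168.0.184
+ Target Port:        80
+ Start Time:         2021-05-14 05:58:44 (GMT3)
---------------------------------------------------------------------------
+ Server: Apache/2.4.46 (Debian)
+ Server leaks inodes via ETags, header found with file /, fields: 0x29cd 0x5c2412785e8f7
+ The anti-clickjacking X-Frame-Options header is not present.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Allowed HTTP Methods: OPTIONS, HEAD, GET, POST
+ OSVDB-561: /server-status: This reveals Apache information. Comment out appropriate line in httpd.conf or restrict access to allowed hosts.
+ 6544 items checked: 0 error(s) and 4 item(s) reported on remote host
+ End Time:           2021-05-14 05:58:57 (GMT3) (13 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
EOF
}

# Reads a report on stdin and prints "TAG<TAB>text" for each line of interest.
# Tags and patterns are assumptions fitted to the sample, not Nikto categories.
nikto_triage() {
  awk '
    /^[+] Target (IP|Hostname|Port):/ { next }   # scan metadata
    /^[+] (Start|End) Time:/ { next }            # scan metadata
    /^[+] [0-9]+ (items checked|host[(]s[)] tested)/ { next }   # summary lines
    /^[+] No CGI Directories found/ { next }     # scanner hint, not a finding
    /^[+] Server:/ { sub(/^[+] Server: */, ""); print "BANNER\t" $0; next }
    /^[+] / {
      sub(/^[+] /, "")
      tag = "REVIEW"                             # default: needs a manual look
      if ($0 ~ /header is not present/) tag = "HEADER"
      else if ($0 ~ /leaks|reveals/) tag = "INFO-LEAK"
      else if ($0 ~ /^Allowed HTTP Methods/) tag = "METHODS"
      print tag "\t" $0
    }
  '
}

sample_report | nikto_triage
```

To triage a real scan, save the nikto output to a file and feed that file to nikto_triage on standard input instead of sample_report.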

Uninstall Nikto

If you want to completely remove Nikto and its related dependencies, execute the following command:

sudo apt purge --autoremove -y nikto
