Nikto Basics

Posted on May 14, 2019 at 9:28 am.

What is Nikto?

Nikto is a free software command-line vulnerability scanner that checks web servers for dangerous files and CGIs, outdated server software, and other problems. It performs both generic and server-type-specific checks, and it captures and prints any cookies it receives.

How does Nikto work?

Nikto works by signature matching against known vulnerable web services, including dynamic web applications, CGI scripts, and web server configurations. It does this by making requests to the web server and evaluating the responses. Nikto includes a number of options that allow requests to carry data such as form posts or header variables, and it pattern-matches on the returned responses.
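The request-and-match loop described above, as an added Python example (not Nikto's own code or signature database). The signature ids, paths, canned responses and the baseline check for servers that answer 200 to every path are all assumptions made for illustration; the example runs offline against constructed responses.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Response:
    status: int
    body: str = ""

@dataclass(frozen=True)
class Signature:
    check_id: str    # constructed id, not a real Nikto test number
    path: str        # resource to request
    status: int      # status code that counts as a hit
    body_regex: str  # pattern the body must contain ("" = status only)
    message: str

# Constructed signatures for illustration; not taken from Nikto's database.
SIGNATURES = [
    Signature("EX-1", "/example-cgi/printenv.cgi", 200, r"SERVER_SOFTWARE=", "CGI script dumps its environment"),
    Signature("EX-2", "/example-backup.zip", 200, "", "Backup archive is downloadable"),
    Signature("EX-3", "/example-admin/", 200, r"<title>Admin login</title>", "Admin console exposed"),
]

def canned(pages, default):  # offline fetch(path) built from canned responses
    return lambda path: pages.get(path, default)

def scan(fetch, signatures=SIGNATURES):
    """Request each signature's path; return ids whose response matches."""
    # Baseline: a path that cannot exist. A 200 here means status alone proves nothing.
    baseline = fetch("/example-does-not-exist-7f3a9c")
    soft_404 = baseline.status == 200
    findings = []
    for sig in signatures:
        resp = fetch(sig.path)
        if resp.status != sig.status:
            continue
        if sig.body_regex and not re.search(sig.body_regex, resp.body):
            continue
        if not sig.body_regex and soft_404 and resp.body == baseline.body:
            continue  # same as the "not found" page: suppress the false positive
        findings.append(sig.check_id)
    return findings

# Constructed sample servers: one normal, one answering 200 for every path.
NORMAL = canned({"/example-cgi/printenv.cgi": Response(200, "SERVER_SOFTWARE=ExampleHTTPd/1.0\n"),
                 "/example-backup.zip": Response(200, "PK\x03\x04")}, Response(404, "Not Found"))
CATCH_ALL = canned({}, Response(200, "<h1>Welcome</h1>"))

print("normal:", scan(NORMAL), "catch-all:", scan(CATCH_ALL))
```

The catch-all server shows why a scanner finding based on status code alone should be confirmed by hand before it is reported or acted on.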

Basics of using Nikto (practice)

Using Nikto on a server that has the Bash Shellshock vulnerability
