Install Nikto
In this step, you will install Nikto, an open-source web server scanner that helps identify security issues in web servers. Nikto checks for outdated server software, dangerous files/CGIs, and other common vulnerabilities. Understanding these vulnerabilities is crucial for securing web applications.
Before we begin, let's make sure we're in the right directory. The ~/project directory is where we'll perform all our lab work to keep files organized:
cd ~/project
Next, we need to update our package list. This refreshes the local package index so that apt installs the newest version of Nikto available from the configured repositories:
sudo apt update
Now we're ready to install Nikto. The -y flag automatically confirms the installation, saving us from having to manually approve it:
sudo apt install -y nikto
After installation completes, let's verify it worked correctly by checking the installed version. This confirms Nikto is properly installed and shows which version we'll be using:
nikto -Version
You should see output similar to:
Nikto v2.1.6
Nikto is now successfully installed on your system. While Nikto has a configuration file at /etc/nikto.conf, we'll use the default settings for this introductory lab. These defaults provide a good balance between thorough scanning and reasonable speed for learning purposes.