LSE toolsLSE toolsNikto (180)Nikto (180)

Tool and Usage

Nikto is an open source security scanner which tests web servers for potential vulnerabilities.

Screenshot for Nikto tool review

Why this tool?

Nikto helps with performing security scans against web servers and to search for vulnerabilities in web applications.

Background information

Note: the data files of Nikto are not released under GPL. Embedding them in your projects may require permission of the author.

Usage and audience

Nikto is commonly used for penetration testing, security assessment, or web application analysis. Target users for this tool are developers, pentesters, and security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available
  • + Well-known tool

Author and Maintainers

Nikto is under development by David Lodge. This project is currently maintained by Chris Sullo, David Lodge.


Supported operating systems

Nikto is known to work on Linux.

Nikto alternatives

Similar tools to Nikto:



Web Application Security Scanner aimed towards helping users evaluate the security of web applications



Wapiti is a security tool to perform vulnerability scans on web applications. It uses fuzzing to detect known and unknown paths, among other tests.



Spaghetti is a web vulnerability scanner to find flaws in common web applications and frameworks. It can perform fingerprinting and vulnerability discovery.

See all alternatives tools for Nikto »

Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.1.6 [2015-07-09]
LicensesGPLv2, Multi-license

Project health

This score is calculated by different factors, like project age, last release date, etc.


 Nikto project website
GitHub iconNikto GitHub page


This tool is categorized as a web application scanner and website security audit tool.

Related terms