If our Linux server is configured to run as a web server, there is a chance that the web server and the web application hosted on the web server may have vulnerabilities. In such a cases, we can use a web application scanning tool to identify these vulnerabilities, and Nikto is one such open source web scanner.
It can be used with any web server and can scan for a large number of items to detect vulnerabilities, misconfigurations, risky files, and so on.
To use Nikto to scan our web server, we have to first install it on our system, from where the scan will be done. If we are using Kali Linux, Nikto comes preinstalled in it. For other Linux distributions, we can install the tool using the following command: