Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is built on LibWhisker and can run on any platform that has a Perl environment. It supports SSL, proxies, host authentication, IDS evasion and more.
Nikto not only checks for CGI vulnerabilities but does so in an evasive manner, so as to elude intrusion detection systems. It comes with thorough documentation which should be carefully reviewed prior to running the program. If you have Web servers serving up CGI scripts, Nikto can be an excellent resource for checking the security of these servers.
openSUSE users can install Nikto using the "1-click" installer.
Ubuntu / Debian: $ sudo apt-get install nikto
The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.1.2 on TCP port 80: nikto -h 192.168.1.2
To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:
nikto -h 192.168.0.1 -p 443
Hosts, ports and protocols may also be specified using full URL syntax:
nikto -h https://192.168.0.1:443/
Updating
Nikto can be automatically updated. To update to the latest plugins and databases, simply run Nikto with the -update option: nikto -update
If updates are available, you will see a list of the files getting downloaded.
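The three ways of naming a target described earlier (bare host, host with -p, full URL) can be normalised and checked against an approved scope before a scan is launched. The script below is an added example, not part of the original page or of Nikto; ALLOWED_HOSTS, parse_target and scoped_cmd are hypothetical names, and the 443 default for https URLs is the scheme's standard port.

```bash
#!/usr/bin/env bash
# Added example. ALLOWED_HOSTS, parse_target and scoped_cmd are hypothetical
# names, not part of Nikto. Only the -h and -p options from the text are used.

ALLOWED_HOSTS="192.168.1.2 192.168.0.1"   # constructed sample scope

# parse_target TARGET [PORT] -> prints "host port scheme"; returns 1 if malformed
parse_target() {
    local target=$1 port=${2:-} scheme=none host rest
    case $target in
        https://*) scheme=https; rest=${target#https://} ;;
        http://*)  scheme=http;  rest=${target#http://} ;;
        *://*)     return 1 ;;                  # unsupported scheme
        *)         rest=$target ;;
    esac
    rest=${rest%%/*}                            # drop any path
    host=${rest%%:*}
    # A port written in the target wins over the PORT argument.
    if [ "$rest" != "$host" ]; then port=${rest#*:}; fi
    if [ -z "$port" ]; then                     # fall back to the default port
        if [ "$scheme" = https ]; then port=443; else port=80; fi
    fi
    # Reject empty or option-like hosts, stray characters, and bad ports.
    case $host in ""|-*|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case $port in *[!0-9]*|??????*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    printf '%s %s %s\n' "$host" "$port" "$scheme"
}

# scoped_cmd TARGET [PORT] -> prints the nikto command for an in-scope target.
# Returns 1 for a malformed target and 2 for a host outside ALLOWED_HOSTS.
scoped_cmd() {
    local parsed host port scheme allowed
    parsed=$(parse_target "$@") || return 1
    set -- $parsed; host=$1 port=$2 scheme=$3
    for allowed in $ALLOWED_HOSTS; do
        [ "$host" = "$allowed" ] || continue
        if [ "$scheme" = none ]; then
            printf 'nikto -h %s -p %s\n' "$host" "$port"
        else
            printf 'nikto -h %s://%s:%s/\n' "$scheme" "$host" "$port"
        fi
        return 0
    done
    return 2
}
```

scoped_cmd only prints the command line; nothing is scanned until the printed command is run.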