Nikto

Nikto web server security scanner bot

About this crawler

Nikto is a web crawler identified by the regular-expression pattern Nikto in the User-Agent request header. It is categorised as a scanner. Use this pattern to detect, log, allow, or block Nikto traffic in your web server, CDN edge rules, or robots.txt.

Block-rate · top 25k sites

0.33% (latest snapshot: 2026-06-04; matched key: Nikto)
[Chart: block-rate from 2026-05-01 to 2026-06-04; axis label 0.52%]

Technical details

Name: Nikto
Pattern: Nikto
Tags: scanner
Reference: http://cirt.net/nikto/
Added: 2026/04/07
rDNS suffixes: .cirt.net, .nikto.pl
Instances: 2 known sample(s)

rDNS verification (FCrDNS)

Verify a request is genuinely Nikto with forward-confirmed reverse DNS: the client IP's PTR record must end in one of the rDNS suffixes listed under Technical details, and a forward A/AAAA lookup of that hostname must return the same IP. UA strings alone are spoofable; FCrDNS is not.
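
The FCrDNS check described above, as an added example (not code from this page or from the Nikto project). The function name and the injectable reverse/forward resolver parameters are assumptions made here so the logic can be exercised offline; the defaults use the system resolver.

```python
import ipaddress
import socket

# Suffixes as listed on this page under "rDNS suffixes".
NIKTO_SUFFIXES = (".cirt.net", ".nikto.pl")


def system_reverse(ip):
    """PTR lookup via the system resolver; returns a hostname or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def system_forward(hostname):
    """A/AAAA lookup via the system resolver; returns a list of IP strings."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, None)]
    except OSError:
        return []


def fcrdns_verify(ip, suffixes=NIKTO_SUFFIXES,
                  reverse=system_reverse, forward=system_forward):
    """Return (ok, detail) for a forward-confirmed reverse DNS check of ip."""
    client = ipaddress.ip_address(ip)
    ptr = reverse(ip)
    if not ptr:
        return False, "no PTR record"
    # PTR answers may carry a trailing dot and mixed case; normalise both.
    host = ptr.rstrip(".").lower()
    # Suffixes start with a dot, so "evilcirt.net" cannot match ".cirt.net".
    if not any(host.endswith(s.lower()) for s in suffixes):
        return False, "PTR outside allowed suffixes"
    # Whoever owns an IP block controls its PTR records, so the PTR alone
    # proves nothing; the forward zone must point back at the same address.
    for addr in forward(host):
        try:
            if ipaddress.ip_address(addr) == client:
                return True, host
        except ValueError:
            continue  # skip answers that are not plain IP literals
    return False, "forward lookup does not return client IP"
```

Comparing parsed addresses rather than strings keeps differently written IPv6 forms of the same address from failing the check.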

Sample User-Agent strings

Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:Port Check)
Mozilla/5.0 (X11; Linux x86_64) Nikto/2.5.0 (Evasions:None) (Test:Port Check)

Block this crawler

robots.txt — disallow Nikto:

User-agent: Nikto
Disallow: /

Apache .htaccess — return 403:

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} Nikto [NC]
RewriteRule .* - [F,L]

Nginx — return 403 inside a server block:

if ($http_user_agent ~* "Nikto") { return 403; }