As discussed before, web interfaces are important in any IoT project. That is why insecure web interfaces are listed in the top 10 threats. To ensure that your IoT web interfaces are generally secure, use at least a web application vulnerability scanner. Nikto is one of the most commonly used tools to check web application security. If you are using Kali Linux, you are able to use it directly via your CLI. It is a built-in tool in Kali Linux:
If you want to scan your web application interface using Nikto, type the following command:
#sudo nikto -h <your_interface_address_here>
In the following example, we used the ...