[Nikto-discuss] Using DirBuster lists

security curmudgeon jericho at attrition.org
Fri Dec 19 21:12:44 UTC 2008

: I was looking at including the list of directory names to check by 
: including the lists from OWASP's DirBuster project.
: I'd like to hear reasons for and against doing such a thing.

for: thorough lists, can find some good directories

against: even their short list is pretty hefty, and generates a ton of 
requests. the long list? takes way too long to run against a single host.

More information about the Nikto-discuss mailing list