[Nikto-discuss] Using DirBuster lists
Thomas Raef
traef at ebasedsecurity.com
Fri Dec 19 22:15:26 UTC 2008
Next question, where would I put this list. I would probably parse it
down to reduce the number of requests, but where would I put such a
list?
Would config.txt allow me to specify a file to check?
Thank you for your guidance.
> -----Original Message-----
> From: security curmudgeon [mailto:jericho at attrition.org]
> Sent: Friday, December 19, 2008 3:13 PM
> To: Thomas Raef
> Cc: nikto-discuss at attrition.org
> Subject: Re: [Nikto-discuss] Using DirBuster lists
>
>
> : I was looking at including the list of directory names to check by
> : including the lists from OWASP's DirBuster project.
> :
> : I'd like to hear reasons for and against doing such a thing.
>
> for: thorough lists, can find some good directories
>
> against: even their short list is pretty hefty, and generates a ton of
> requests. the long list? takes way too long to run against a single
> host.
More information about the Nikto-discuss
mailing list