[Nikto-discuss] Using DirBuster lists
traef at ebasedsecurity.com
Sat Dec 20 12:05:01 UTC 2008
Ok. Thank you.
I did read that but wasn't sure if there was some other method that the
list might find better.
I'll give it a try.
> -----Original Message-----
> From: Sullo [mailto:csullo at gmail.com]
> Sent: Friday, December 19, 2008 6:02 PM
> To: Thomas Raef
> Cc: security curmudgeon; nikto-discuss at attrition.org
> Subject: Re: [Nikto-discuss] Using DirBuster lists
> Check out the documentation, as it will give you some information on
> how to set up a user-defined test database, and Nikto will
> automatically load and use it when it is scanning.
> Specifically, section 2.
> On Fri, Dec 19, 2008 at 5:15 PM, Thomas Raef
<traef at ebasedsecurity.com>
> > Next question, where would I put this list. I would probably parse
> > down to reduce the number of requests, but where would I put such a
> > list?
> > Would config.txt allow me to specify a file to check?
> > Thank you for your guidance.
> >> -----Original Message-----
> >> From: security curmudgeon [mailto:jericho at attrition.org]
> >> Sent: Friday, December 19, 2008 3:13 PM
> >> To: Thomas Raef
> >> Cc: nikto-discuss at attrition.org
> >> Subject: Re: [Nikto-discuss] Using DirBuster lists
> >> : I was looking at including the list of directory names to check
> >> : including the lists from OWASP's DirBuster project.
> >> :
> >> : I'd like to hear reasons for and against doing such a thing.
> >> for: thorough lists, can find some good directories
> >> against: even their short list is pretty hefty, and generates a ton
> >> requests. the long list? takes way too long to run against a single
> >> host.
> > _______________________________________________
> > Nikto-discuss mailing list
> > Nikto-discuss at attrition.org
> > https://attrition.org/mailman/listinfo/nikto-discuss
> http://www.cirt.net | http://www.osvdb.org/
More information about the Nikto-discuss