[Nikto-discuss] SQL Injection with Nikto

Sullo sullo at cirt.net
Sat Jun 21 03:59:35 UTC 2008

Curtis LaMasters wrote:
> I've been trying to figure out how to scan a website for the ability 
> to SQL inject (it's a website that I run yes...). Unfortunately I have 
> not be able to get a desirable result.  I was hoping you all could 
> point me in the right direction.

Check out Paros and WebScarab--you may have luck with them. Nikto isn't 
built to crawl a site and look for something like unknown/undisclosed 
SQLi in applications, but both them are (and are also free).



More information about the Nikto-discuss mailing list