[Nikto-discuss] SQL Injection with Nikto
sullo at cirt.net
Sat Jun 21 03:59:35 UTC 2008
Curtis LaMasters wrote:
> I've been trying to figure out how to scan a website for the ability
> to SQL inject (it's a website that I run yes...). Unfortunately I have
> not be able to get a desirable result. I was hoping you all could
> point me in the right direction.
Check out Paros and WebScarab--you may have luck with them. Nikto isn't
built to crawl a site and look for something like unknown/undisclosed
SQLi in applications, but both them are (and are also free).
More information about the Nikto-discuss