[Nikto-discuss] Nikto tests

david lodge resident.deity at gmail.com
Mon Jul 20 12:54:32 UTC 2009


> I was going to suggest options "-T 0123456789abcx" which should exclude
> ("x") every test class. You would then put your tests in the user database
> with a type of "d" or something, and they should be the only ones run...
> however, it doesn't work. Many tests still seem to run.

Actually type d tests already exist, these mostly seem to be
coldfusion tests, e.g.:
/cfide/administrator/index.cfm

This looks like an error in the database to me.

> I filed ticket #84 for this..
>    http://trac2.assembla.com/Nikto_2/ticket/84

I have a patch for this which I'll submit when I get a chance, there's
a minor logic flaw in the current code. What may be an idea is to
define a letter for user defined testing only (e.g. "u").

Thanks

dave


More information about the Nikto-discuss mailing list