[Nikto-discuss] OWASP favicon and nikto
dave at cirt.net
dave at cirt.net
Fri Jun 10 08:54:37 CDT 2011
First off - more good lists coming from OWASP, which're always good
for the community!
Quoting Sullo <csullo at gmail.com>:
>> I would like to invite nikto to update its database from there. Also,
>> if there's anything the database miss - please help and add.
> Would certainly like to contribute & use the database--how exactly
> depends on the licensing (either inclusion in nikto's database, or
> loading a distinct file). At some point nikto's database was
> incorporated into the nmap nse so it's likely almost all are found in
> there already.
If there's a problem with the licence, then we could always implement
it like we did the directories list from DirBuster - i.e. add support
for the file format to the plugin and allow the user to use it, but
they need to source the list themselves.
Updating directly from OWASP instead of cirt.net also would mean that
we're dependent on an external site that isn't controlled by cirt.net.
The above can be worked around, if necessary by an import script, but
it needs to be though about for a bit. (i.e. do we want our users to
run two scripts, or are we happy that OWASP won't change the URL of
the database etc.).
More information about the Nikto-discuss
mailing list