[Nikto-discuss] OWASP favicon and nikto

dave at cirt.net dave at cirt.net
Fri Jun 10 08:54:37 CDT 2011

First off - more good lists coming from OWASP, which're always good  
for the community!

Quoting Sullo <csullo at gmail.com>:
>> I would like to invite nikto to update its database from there. Also,
>> if there's anything the database miss - please help and add.
> Would certainly like to contribute & use the database--how exactly
> depends on the licensing (either inclusion in nikto's database, or
> loading a distinct file). At some point nikto's database was
> incorporated into the nmap nse so it's likely almost all are found in
> there already.

If there's a problem with the licence, then we could always implement  
it like we did the directories list from DirBuster - i.e. add support  
for the file format to the plugin and allow the user to use it, but  
they need to source the list themselves.

Updating directly from OWASP instead of cirt.net also would mean that  
we're dependent on an external site that isn't controlled by cirt.net.

The above can be worked around, if necessary by an import script, but  
it needs to be though about for a bit. (i.e. do we want our users to  
run two scripts, or are we happy that OWASP won't change the URL of  
the database etc.).

More information about the Nikto-discuss mailing list