[Nikto-discuss] OWASP favicon and nikto
kost at linux.hr
Wed Jun 15 16:43:32 CDT 2011
On Fri, Jun 10, 2011 at 09:54:37AM -0400, dave at cirt.net wrote:
> If there's a problem with the licence, then we could always implement it
> like we did the directories list from DirBuster - i.e. add support for
> the file format to the plugin and allow the user to use it, but they need
> to source the list themselves.
Again, let's talk about the license!
> Updating directly from OWASP instead of cirt.net also would mean that
> we're dependent on an external site that isn't controlled by cirt.net.
> The above can be worked around, if necessary by an import script, but it
> needs to be though about for a bit. (i.e. do we want our users to run two
> scripts, or are we happy that OWASP won't change the URL of the database
I guess, having cron script on Nikto update server side and sync(with additional checks) on some regular base sounds reasonable. Database is not big and you will be less dependant on external stuff and you don't have to update nikto if OWASP (for some reason) changes URL. You only need to change sync script on the server.
I'm also attaching the script which I used for converting from OWASP database
to Nikto db style if it will help. Don't ask me for the license, it's public
Vlatko Kosturjak - KoSt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 271 bytes
Desc: not available
More information about the Nikto-discuss