[Nikto-discuss] Nikto plugin for Nessus

security curmudgeon jericho at attrition.org
Wed May 9 13:03:26 CDT 2012

: > Once the pathing issues are fixed (accounts for 95% of the problems), it
: > has worked fine historically. I have not tested it with Nessus 5 or 5.0.1
: > though.
: I appreciate the response, a couple of days after I posted here, I found 
: out that this is not quite so. While only Tenable can sign official 
: plugins with their official key, it is also possible to create a single 
: 'local' key using OpenSSL and sign plugins with that key.

Yes, you can bypass the need for Tenable to sign it. I said that in the 
context of rolling it out as a solution across the enterprise, where self 
signing could be problematic for pushing updates, or getting updates from 

: A little more development and I will be happy to share that plugin code 
: with Tenable. I'm working with Nikto 2.1.4 and am also in the process of 
: updating the nikto.nasl plugin to use the Nikto -Plugin option rather 
: than -mutate as per documentation. I'm also adding the missing mutate 
: options as mutate 5 (-Plugin subdomain) might be useful to us.
: When is the deprecated -mutate option scheduled to be completely 
: withdrawn?

That is a question for Sullo or the Nikto team.

More information about the Nikto-discuss mailing list