[Nikto-discuss] Nikto plugin for Nessus
security curmudgeon
jericho at attrition.org
Wed May 9 13:03:26 CDT 2012
: > Once the pathing issues are fixed (accounts for 95% of the problems), it
: > has worked fine historically. I have not tested it with Nessus 5 or 5.0.1
: > though.
:
: I appreciate the response, a couple of days after I posted here, I found
: out that this is not quite so. While only Tenable can sign official
: plugins with their official key, it is also possible to create a single
: 'local' key using OpenSSL and sign plugins with that key.
Yes, you can bypass the need for Tenable to sign it. I said that in the
context of rolling it out as a solution across the enterprise, where self
signing could be problematic for pushing updates, or getting updates from
Tenable.
: A little more development and I will be happy to share that plugin code
: with Tenable. I'm working with Nikto 2.1.4 and am also in the process of
: updating the nikto.nasl plugin to use the Nikto -Plugin option rather
: than -mutate as per documentation. I'm also adding the missing mutate
: options as mutate 5 (-Plugin subdomain) might be useful to us.
:
: When is the deprecated -mutate option scheduled to be completely
: withdrawn?
That is a question for Sullo or the Nikto team.
More information about the Nikto-discuss
mailing list