I came across an inaccuracy in Nikto 2's documentation that makes writing/modifying tests pretty confusing. In the documentation, the "Match 1 (AND)" and "Match 1 (OR)" scan db fields follow the "Match 1" field, in that order. However, the set_scan_items subroutine that loads the checks uses them in the opposite order. In other words, in my user-defined tests I was trying to match responses for either of two strings but was instead searching for both, causing my checks to fail.<br>