[Nikto-discuss] Suggestion about scanning selection.
Matt ~
aereal at gmail.com
Sat Oct 2 17:22:31 CDT 2010
In that case, the user will be able to match the ones that have an
associated OSVDB ID and the rest (1400 w/o IDs) will always get tested too
until they get their original OSVDB ID.
On Sat, Oct 2, 2010 at 8:47 AM, Sullo <csullo at gmail.com> wrote:
> This is a good suggestion in theory and would be trivial to implement *if*
> we had the data for when a vulnerability was originally published.
>
> For any vulnerability which has an associated OSVDB ID (which is many, but
> not all--a quick grep says ~1400 don't have IDs), we could get the data. But
> even then, generic entires such as /admin/ would not have an associated
> date.
>
> In any case, we could probably work around generic entries if we had the
> data. Anyone who wants to match up all those tests w/o OSVDB IDs is very
> welcome to!
>
>
> On Fri, Oct 1, 2010 at 5:30 PM, Matt ~ <aereal at gmail.com> wrote:
>
>> Hello Nikto community, I'm new at this mailist (don't know why I wasn't on
>> the mailist before since I always used nikto), so if my suggestion has been
>> already made or has been improved on an svn my apologies.
>> Sometimes I find myself scanning with nikto to websites I know there are
>> not going to be old vulnerabilities, so my suggestion is if it will be
>> possible to select a range of years where vulnerabilities where released.
>>
>> Example:
>> ./nikto.pl -h www.site.com -vulndb 2005-2010 [test again vulnerabilities
>> reported between 2005 and 2010]
>>
>> ./nikto.pl -h www.site.com -vulndb 2010 [just scan using vulnerabilities
>> reported this year]
>>
>> I don't know if I made my point, thanks for reading.
>> --
>> Atte:
>> Matías Aereal Aeón
>>
>> _______________________________________________
>> Nikto-discuss mailing list
>> Nikto-discuss at attrition.org
>> https://attrition.org/mailman/listinfo/nikto-discuss
>>
>>
>
>
> --
>
> http://www.cirt.net | http://www.osvdb.org/
>
--
Atte:
Matías Aereal Aeón
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20101002/db0819fd/attachment.html>
More information about the Nikto-discuss
mailing list