[Nikto-discuss] Nikto Session Management Vulnerabilities

Chris Sullo csullo at gmail.com
Sun Feb 9 07:18:56 CST 2014


Meaning there may be very specific product checks in db_tests but nothing generic in terms of sessions. 

> On Feb 9, 2014, at 3:44 AM, raymond lukanta <raymond_pluto at hotmail.com> wrote:
> 
> What do you mean with "generic"?
> 
> --
> Raymond Lukanta
> 
> Subject: Re: [Nikto-discuss] Nikto Session Management Vulnerabilities
> From: csullo at gmail.com
> Date: Sat, 8 Feb 2014 08:01:03 -0500
> CC: nikto-discuss at attrition.org
> To: raymond_pluto at hotmail.com
> 
> Correct--there are no generic session management issues tested by Nikto.
> 
> Regards,
> Sullo
> 
> On Feb 8, 2014, at 2:51 AM, raymond lukanta <raymond_pluto at hotmail.com> wrote:
> 
> Hi,
> 
> As I read on http://cirt.net/nikto2-docs/options.html, I don't find any session management vulnerabilities that can be detected by Nikto.
> Am I right? Because for my final project, I want to extend Nikto so Nikto can detect session management vulnerabilities.
> 
> I'm looking forward for the response.
> Thanks.
> 
> --
> Raymond
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20140209/75d3245c/attachment-0001.html>


More information about the Nikto-discuss mailing list