Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Integrating nikto fingerprints on runtime
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Wed, 18 Dec 2013 08:53:51 +1100

George,

On Tue, Dec 17, 2013 at 9:29 AM, George Chatzisofroniou
<sophron () latthi com> wrote:
A couple of months ago i contacted Chris Sullo (also CC'ed on this mail), one of
the authors of Nikto, the great scanner which performs comprehensive tests
against web servers for multiple items. I asked permission for integrating
Nikto's large database to our http-fingerprint file. Chris told me that this is
not possible due to the licensing issues. You can read the whole response at the
bottom of this mail.

Is there a tangible benefit in leveraging nmap over Nikto, such as
speed or was this rather an academic exercise?

Also, will nmap include the
http://packetstormsecurity.com/papers/IDS/whiskerids.html features
too?

On Tue, Dec 17, 2013 at 9:29 AM, George Chatzisofroniou
<sophron () latthi com> wrote:
----- Forwarded message from Sullo <sullo () cirt net> -----

Date: Tue, 17 Sep 2013 21:00:53 -0400
From: Sullo <sullo () cirt net>
To: George Chatzisofroniou <sophron () latthi com>
Subject: Re: Permission for integrating Nikto's database to Nmap

You could potentially write a parser for it and have the user point/config
the NSE to a copy they received with Nikto--there is another tool that does
this but the name is escaping me at the moment.

I suspect this might be
http://www.room362.com/blog/2009/10/10/burp-tip-of-the-day-nikto-db-import.html


-- 
Regards,
Christian Heinrich

http://cmlh.id.au/contact
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault