Blogging @ Work

Just a quick note that I've decided this whole "blog" thing isn't just a fad, so I've started writing over at the work blog since, well, they pay me. So go subscribe.

Bug in nikto 2.03 - update now!

There was a small mistake in the release of Nikto 2.03; whilst fixing one bug, I'd introduced a more serious one: SSL scanning didn't work.

Running Nikto via Nessus

Michel Arboi and Brian Martin have written a long post on Tenable's blog detailing exactly how to get Nessus to run Nikto automatically. This has been a question that's come up time and again on the mailing lists, so hopefully this will help everyone out.

Nikto 2.03 is here!

Only a month late (personal life et al) and nikto 2.03 is now here. This is an important release as it is the first release of Nikto not under the benevolent gaze of Sullo.

This is a point release to update the databases and fix a few bugs, many of which may be found under the CHANGES document (or you can check on Assembla).

In essence, what has changed:

Take us to your (new) leader!

I have been meaning to make this post for a while now...

I'm happy to announce that Nikto has a new lead developer! He goes by the name "Dave" but I think his parents actually named him "deity." Whatever you decide to call him, please welcome him to the club and make sure he knows the secret handshake.

OLPC Lowers Barrier to Entry For Hacking?

InformIT has a series on turning the OLPC into a "Hacker's Toolkit," which of course includes the Usual Suspects of tools (including Nikto) used by those evil hackers. The article is a bit cheesy in places, but I'm impressed the OLPC can run the toolset as described. Not bad for $188.