I run nikto on web apps when I get stuck, but I only ever get a massive list of false positives. I don’t think I’ve ever found a real vulnerability with it.
Is it more useful when used on certain targets, like Apache or something? I know auto scanners are never perfect, but I’m wondering if it’s even worth running anymore. Ive gotten way more use out of alternatives like Nessus
[link] [comments]
from hacking: security in practice https://ift.tt/6cib07G
Comments
Post a Comment