[OWASP-BLR]Queries regarding NIKTO and Nessus
akashmahajan at gmail.com
Wed May 31 07:13:49 EDT 2006
On 5/31/06, Gaurav Gupta <gaurav_g2000 at hotmail.com> wrote:
> I want to use NIKTO from a windows XP machine to explore vulnerabilities in
> my IIS 5.0 Server running on another windows XP machine. I have downloaded
> the latest vesion from the CIRT website but i have not been able to install
> it on windows. Any idea how can i install it on windows?
What is the error you are getting in installing?
> When i use Nessus to scan my system, it gives me a list of the open ports on
> my server system. I want to check if my program running as a service is
> having any buffer overflow or not. Does anybody have an idea from where can
> i get the plugin for buffer overflow.
any nessus plugin is basically a check for a vulnerable
software/version. That is why nessus is called a vuln assessment
If you want to exploit a vuln after detecting it you need an exploit framework.
For example Metasploit, securityforest, canvas etc.
More information about the Owasp-bangalore