Importing the nikto database into burp intruder appears to have done the trick….

Thanks again and happy hacking

Cheers,
Matti

I’m just giving you my scenario but there are other reasons.

To answer your questions:

It would be Nikto’s DB but Burp sending the requests.

The latency, even if Nikto was installed on Sys-B would occur. I actually have no idea why, but Nikto doesn’t seem to perform so well when traffic is proxied (necessary in a split-tunnel VPN setup).

So in my case it was convenience.

Another nice thing, when using Burp Intruder, is that the responses can be analyzed. Your correct about logging but why log when I can see responses in real time and if need be throw the request to repeater/comparer? Nikto only looks for HTTP Response codes to flag a finding. Often times, I test applications with custom error handling. So while Nikto is looking for a specific response code, it may be that every request gets a HTTP 200 response code. Upon closer inspection, you may find that only custom errors respond with X amount of Bytes in the length of the response. At which point you can filter those responses and request.

Or……

Maybe you don’t want to use Burp at all. Perhaps your building your own tool and would like to leverage Nikto’s DB, Fuzzdb and whatever else. In this case it would come in handy.

I appreciate your comments. It is always good to see someone ask these kinds of questions.

So which tool on which system does the attacking?

If it all is done by burp why do you need nikto?

If you use nikto for something else you would still have the latency, right?

And why not use nikto from system B?

Well, it is a nice thing you did but I still do not see much use. Although it gives you practice and you learn something….

Cheers,
Matti

Anyway, 3 systems.

Sys A - Hosts Nikto
Sys B - Hosts Burp (used for proxying all web traffic and establishing VPN conn to Sys-C)
Sys-C - Corp proxy

So latency occurs between Sys-A and Sys-B…….less latency when loaded in Burp on Sys-B.

Hope this helps.

Cheers

I hope you have the time to give a review after you read the whole book which should not take you that long as it is only 296 pages. Especially, looking at the table of content this seems not really much.

My opinion about the chapters and content themselves:

Chapter 3 - The Way It Works: There Is No Patch

Exploiting Telnet and FTP
Abusing SMTP
Abusing ARP

Really? That seems like something I never heard before. Well at least it justifies the title totally.

Chapter 4 – 6 might actually be something of interest. But once again 84 pages seems not a lot for these three subjects.

The rest seems to be about twitter

Looking forward to hear your final words on this….

matti