I had long been a wikto guy as it has much better integration and a nice flow to it when enumerating directories to launch the nikto database at. However it's been a little flaky on some of the larger sites recently and I needed to give the new nikto (version 2.02) a go. They have since implemented the same "AI" techniques i.e. fingerprinting web responses for 200 ok's and 404's not found etc. to give more accurate results (previous Nikto's had lots of false positives because it did not have this).
So as I had quite a few targets and all running web servers on various ports I needed a way to parse the nmap scan to nikto. Wow I was surprised I couldn't find anything, there are lots of Nessus/Nmap/nikto combined tools but I just needed something to format a file so I could easily just send it to Nikto. (Note:Maybe I missed something if so email
me). The inital scans took so long to run due to the size of the target I wasn't about to use the nikto in nessus option which would have solved this as I didn't have the time.
Anyhow it came down to some old fashioned grepping.
Cat nmap.gnmap | egrep " 80/open| 443/open" > openweb.txt
(open file the file and make sure it look right do minor edits)
perl nikto.pl -h openweb.txt
I was surprised that there was not an easier way i thought these two and nessus would have been well developed and integrated by others by now. The new version of nikto is good and it outputs to html and hyperlinks all of the findings for you which makes verification much easier.