What is Skipfish?
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
The advantage of using Skipfish:
* High performance
* Ease of use
* Well-designed security checks
example using Skipfish…
1.Once you have the dictionary selected, you can try:
$ ./skipfish -o output_dir http://www.example.com/some/starting/path.txt
2. Brute force only no html link :
more function if you know…
after I find out more about skipfish I will share with you. because now I’m still using windows. because my internet providers does not support linux .I hope Skipfish will appear with the version of windows …:D … just hope .. :D: D