Skipfish Google web app security..

What is Skipfish?

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

The advantage of using Skipfish:

* High performance
* Ease of use
* Well-designed security checks

example using Skipfish…
1.Once you have the dictionary selected, you can try:

$ ./skipfish -o output_dir http://www.example.com/some/starting/path.txt

2. Brute force only no html link :

$ ./skipfish -P -I http://www.example.com/dir1/ -o output_dir -t 5 -I http://www.example.com/dir1/

more function if you know…

http://code.google.com/p/skipfish/

after I find out more about skipfish I will share with you. because now I’m still using windows. because my internet providers does not support linux .I hope Skipfish will appear with the version of windows …:D … just hope .. :D: D

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s