Penetration Testing mailing list archives
Fwd: Google Launches Free Web Application Scanning Tool (Skipfish)
From: Isaias Calderon <isaias.calderon () gmail com>
Date: Mon, 22 Mar 2010 16:19:10 -0600
Apologies for the Cross-posting.. http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=224000380 skipfish - web application security scanner Written and maintained by Michal Zalewski <lcamtuf () google com>. Copyright 2009, 2010 Google Inc, rights reserved. Released under terms and conditions of the Apache License, version 2.0. What is skipfish? Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. Obviously, the direct link: http://code.google.com/p/skipfish/wiki/SkipfishDoc Hoping to share experiencies... -- Isaias Calderón, CISSP, ECSA, CEH ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Fwd: Google Launches Free Web Application Scanning Tool (Skipfish) Isaias Calderon (Mar 23)
- Re: Google Launches Free Web Application Scanning Tool (Skipfish) Yuli Stremovsky (Mar 25)