Re: Google Launches Free Web Application Scanning Tool (Skipfish)

[Yuli Stremovsky <stremovsky () gmail com>]

Hello

Here is another project of this kind called ZeroDayScan .

It is a free web scanning service running from the cloud.

It is not related to Google in any way. It is using a a private
scanner build by my friend.

Site url : http://www.zerodayscan.com

Best regards,
Yuli

On Tue, Mar 23, 2010 at 12:19 AM, Isaias Calderon
<isaias.calderon () gmail com> wrote:
> Apologies for the Cross-posting..
>
> http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=224000380
>
> skipfish - web application security scanner
>
> Written and maintained by Michal Zalewski <lcamtuf () google com>.
> Copyright 2009, 2010 Google Inc, rights reserved.
> Released under terms and conditions of the Apache License, version 2.0.
>
> What is skipfish?
>
> Skipfish is an active web application security reconnaissance tool. It
> prepares an interactive sitemap for the targeted site by carrying out
> a recursive crawl and dictionary-based probes. The resulting map is
> then annotated with the output from a number of active (but hopefully
> non-disruptive) security checks. The final report generated by the
> tool is meant to serve as a foundation for professional web
> application security assessments.
>
> Obviously, the direct link:  http://code.google.com/p/skipfish/wiki/SkipfishDoc

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------