WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Fwd: Google Launches Free Web Application Scanning Tool (Skipfish)

From: Isaias Calderon <isaias.calderon () gmail com>
Date: Mon, 22 Mar 2010 16:19:10 -0600
Apologies for the Cross-posting..

http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=224000380

skipfish - web application security scanner

Written and maintained by Michal Zalewski <lcamtuf () google com>.
Copyright 2009, 2010 Google Inc, rights reserved.
Released under terms and conditions of the Apache License, version 2.0.

What is skipfish?

Skipfish is an active web application security reconnaissance tool. It
prepares an interactive sitemap for the targeted site by carrying out
a recursive crawl and dictionary-based probes. The resulting map is
then annotated with the output from a number of active (but hopefully
non-disruptive) security checks. The final report generated by the
tool is meant to serve as a foundation for professional web
application security assessments.

Obviously, the direct link:  http://code.google.com/p/skipfish/wiki/SkipfishDoc

Hoping to share experiencies...

--
Isaias Calderón, CISSP, ECSA, CEH



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: