Fwd: Google Launches Free Web Application Scanning Tool (Skipfish)
- From: Isaias Calderon <isaias.calderon@xxxxxxxxx>
- Date: Mon, 22 Mar 2010 16:19:10 -0600
Apologies for the Cross-posting..
http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=224000380
skipfish - web application security scanner
Written and maintained by Michal Zalewski <lcamtuf@xxxxxxxxxx>.
Copyright 2009, 2010 Google Inc, rights reserved.
Released under terms and conditions of the Apache License, version 2.0.
What is skipfish?
Skipfish is an active web application security reconnaissance tool. It
prepares an interactive sitemap for the targeted site by carrying out
a recursive crawl and dictionary-based probes. The resulting map is
then annotated with the output from a number of active (but hopefully
non-disruptive) security checks. The final report generated by the
tool is meant to serve as a foundation for professional web
application security assessments.
Obviously, the direct link: http://code.google.com/p/skipfish/wiki/SkipfishDoc
Hoping to share experiencies...
--
Isaias Calderón, CISSP, ECSA, CEH
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Follow-Ups:
- Re: Google Launches Free Web Application Scanning Tool (Skipfish)
- From: Yuli Stremovsky
- Re: Google Launches Free Web Application Scanning Tool (Skipfish)
- Prev by Date: Re: Decrypting PPTP network traffic
- Next by Date: Re: Controlled DoS
- Previous by thread: Did you work on OSSTMM 3?
- Next by thread: Re: Google Launches Free Web Application Scanning Tool (Skipfish)
- Index(es):
Relevant Pages
|
