skipfish 1.05 beta

Operating systemsOS : Windows / Linux / Mac OS / BSD
Program licensingScript Licensing : Apache License - Apache License 2.0
CreatedCreated : Mar 22, 2010
Size downloadDownloads : 3
Program licensing
Thank you for voting...

An interactive sitemap of the target site is ...

An interactive sitemap of the target site is generated by recursively crawling it and carrying out dictionary-based probes.
The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security_check. The final report generated by the tool is meant to serve as a foundation for professional web application security_assessment.
Setup Process:
Unpack the archive and type 'make' to compile.
Copy the desired dictionary file from dictionaries/ to skipfish by Google Inc.. wl
Execute . /skipfish 1.05 beta -o output_dir http://www. example. com/some/starting/path
The final report is written to output_dir/index. html and can be viewed with any JavaScript-enabled browser.
Most important functions of skipfish [skipfish1.05 beta.exe]:
High performance:
• 500+ requests per second against responsive Internet targets, 2000+ requests per second on LAN / MAN networks, and 7000+ requests against local instances have been observed, with a very modest CPU, network, and memory footprint.
• Multiplexing single-thread, fully asynchronous network I/O and data processing model that eliminates memory management, scheduling, and IPC inefficiencies present in some multi-threaded clients.
• Advanced HTTP/1. 1 features such as range requests, content compression, and keep-alive connections, as well as forced response size limiting, to keep network-level overhead in check.
• Smart response caching and advanced server behavior heuristics are used to minimize unnecessary traffic.
• Performance-oriented, pure C implementation, including a custom HTTP stack.
Ease of use:
• Heuristic recognition of obscure path- and query-based parameter handling schemes.
• Graceful handling of multi-framework sites where certain paths obey a completely different semantics, or are subject to different filtering rules.
• Automatic wordlist construction based on site content analysis.
• Probabilistic scan features to allow periodic, time-bound assessments of arbitrarily complex sites.
Well-designed security checks:
• Three-step differential probes are preferred to signature checks for detecting vulnerabilities.
• Ratproxy-style logic is used to spot subtle security problems: cross-site request forgery, cross-site script inclusion, mixed content, issues MIME- and charset mismatches, incorrect caching directives, etc.
• Bundled security checks are designed to handle tricky scenarios: stored XSS (path, parameters, headers), blind SQL or XML injection, or blind shell injection.
• Report post-processing drastically reduces the noise caused by any remaining false positives or server gimmicks by identifying repetitive patterns.
Demands:
• GNU Libidn
• Cygwin (on Windows)
News in the current skipfish - 0MB version:
• Final workaround for FORTIFY_SOURCE on MacOS X.

skipfish 1.05 beta scripting tags: check, skipfish, security, scan, checks, content, security assessment, requests, vulnerability scanner, security check. What is new in skipfish 1.05 beta software script? - Unable to find skipfish 1.05 beta news. What is improvements are expecting? Newly-made skipfish 1.6 will be downloaded from here. You may download directly. Please write the reviews of the skipfish. License limitations are unspecified.