14 Like

skipfish

A fully automated, active web application security reconnaissance tool. Created by google

Free Open Source
Mac
Windows
Linux
BSD
Discontinued

A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors. More Info »

The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

Link to official skipfish site

Official Website

Features

Command line interface Heuristic Detection Add a feature

Category

Tags

Discontinued command-line-interface vulnerability-scanner heuristic-detection reconnaissance

skipfish was added by tabakis in Feb 2011 and the latest update was made in Mar 2016. The list of alternatives was updated Oct 2018 There is a history of all activites on skipfish in our Activity Log. It's possible to update the information on skipfish or report it as discontinued, duplicated or spam.

at work, during scanning

HTMLised results

skipfish is discontinued. Find alternatives in the list below or click here for more info

Skipfish is no longer maintained. Last version, 2.10 beta, released in December 2012, can be still downloaded from Google Code Archive

MORE APP INFO Official website

Reviews 0

Alternatives to skipfish for all platforms with any license

Nmap

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also...

Free Open Source Mac Windows Linux BSD
Network Monitoring Network usage history Add a feature

219 Like
Zenmap

Zenmap is the official cross-platform GUI for the Nmap Security Scanner. It is free and runs on Linux, Windows, Mac OS X, etc. Zenmap aims to make Nmap easy for...

Free Open Source Mac Windows Linux
Asynchronous Network Monitoring Add a feature

77 Like
Shodan

Shodan is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan...

Freemium Web
Search IP addresses Security focused Add a feature

17 Like
Nessus

The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data...

Commercial Mac Windows Linux Android iPhone
Open API Vulnerability management Vulneraility Scanning Add a feature

24 Like
Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people...

Free Open Source Mac Windows Linux
Proxy support Penetration Testing Add a feature

20 Like
Acunetix

Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free...

Commercial Windows Web Wordpress
No features added Add a feature

12 Like
Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous...

Free Open Source Mac Windows Linux
No features added Add a feature

18 Like
w3af

w3af is a Web Application Attack and Audit Framework

Free Open Source Windows Linux
No features added Add a feature

12 Like
IronWASP

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable...

Free Open Source Mac Windows Linux
Penetration Testing Add a feature

5 Like
Netsparker

Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could...

Commercial Windows
No features added Add a feature

8 Like
wapiti

Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

Free Open Source Windows Linux
Command line interface Security focused Add a feature

3 Like
Arachni

Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of...

Free Open Source Mac Windows Linux
No features added Add a feature

2 Like
Nexpose

Learn about our vulnerability management software, Nexpose. See how our vulnerability scanner prioritizes vulnerabilities and speeds up remediation.

Commercial Windows Linux
Open API Add a feature

1 Like
Websecurify

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability...

Commercial Mac Windows Linux
Penetration Testing Security focused Add a feature

5 Like
HTTPCS Security

Put yourself in the shoes of a hacker! Without technical expertise, launch an audit to detect security flaws on your website or web application. Online website...

Commercial $ $ $ Web
Penetration Testing Add a feature

1 Like

skipfish Comments

Echo echo ... Feels empty in here

Maybe you want to be the first to submit a comment about skipfish? Just click the button up to your right!