skipfish
A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
Cost / License
- Free
- Open Source
Application type
United StatesAlerts
- Discontinued
Platforms
- Mac
- Windows
- Linux
- BSD
Skipfish is no longer maintained. Last version, 2.10 beta, released in December 2012, can be still downloaded from Google Code Archive
Features
- Command line interface
- Heuristic Detection
Tags
skipfish News & Activities
Recent activities
pentestly added skipfish as alternative to Pentestly.io
skipfish information
Featured in Lists
A list with 21 apps by MartinO without a description.
A list with 17 apps by Reptevye without a description.
What is skipfish?
A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.
The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.