Review of skipfish, a Free & Open Source Software (FOSS) web application security reconnaissance tool.REVIEW SUMMARY
Skipfish is an active web application security reconnaissance tool. Skipfish generates an interactive sitemap for a targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting sitemap is annotated with the output from a several active (and ideally non-disruptive) security checks. The final report generated by skipfish is meant to serve as a foundation for professional web application security assessments.
Skipfish is fast, easy-to-use and is based on leading-edge security logic (high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors). Highly recommended for both cybersecurity noobs and certified ethical hackers.
CYBERSECURITY FORUM and CyberSecurityForum.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.