Review: skipfish - Web App Security Recon Tool (“Fuzzer”)

TOP
    PICK 

Review of skipfish, a Free & Open Source Software (FOSS) web application security reconnaissance tool.

REVIEW SUMMARY

Skipfish is an active web application security reconnaissance tool. Skipfish generates an interactive sitemap for a targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting sitemap is annotated with the output from a several active (and ideally non-disruptive) security checks. The final report generated by skipfish is meant to serve as a foundation for professional web application security assessments.

Skipfish is fast, easy-to-use and is based on leading-edge security logic (high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors). Highly recommended for both cybersecurity noobs and certified ethical hackers.

Cybersecurity Software Reviewed: skipfish - Web App Security Reconnaissance Tool (“Fuzzer”)
Date Published: 12/15/2014
Editor Rating: 4 / 5 Stars

EDITOR RATINGS
⁃ Functionality (40%)
⁃ Performance (20%)
⁃ Usability (20%)
⁃ Portability (10%)
⁃ Value (10%)
⁃ OVERALL






PLATFORMS


DOWNLOAD LINKS

CYBERSECURITY FORUM and CyberSecurityForum.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.