Installing Google Skipfish on Ubuntu/Debian

check out jason’s post for an in-depth review. http://bit.ly/9LAnbt

here’s the simple commands necessary to get hacking with Google’s new web application scanner Skipfish:

wget http://skipfish.googlecode.com/files/skipfish-1.01b.tgz
tar zxvf skipfish-1.01b.tgz
sudo apt-get install libidn11-dev
cd skipfish
make
cp dictionaries/default.wl skipfish.wl
./skipfish -o output_folder http://www.example.com

you’ll want to less README to understand all the options.

more to come shortly with our opinions, tips and lab results. currently we’re getting 600+ requests/second for internet sites, 4000+ requests/second for local tests.

enjoy,

db

Posted on March 19, 2010 by David Bailey

4 Responses to Installing Google Skipfish on Ubuntu/Debian

  1. art April 14, 2011

    I couldn’t get this to work, but after following Erik’s advice I did it, so thanks to both of you.

  2. Digitivity April 1, 2010

    The FAQ says you need the zlib dev headers as well:

    sudo apt-get install libssl-dev zlib1g-dev libidn11

    http://digitivity.org/943/how-to-install-google-skipfish-on-ubuntu-linux

  3. Erik March 21, 2010

    Had to also ‘apt-get install libssl-dev’ on my fresh karmic install to get the ‘make’ to work.

  4. Pingback: Skipfish, Google Enters the Web Scanner Fray | Redspin Security Blog

Add a Comment