check out jason’s post for an in-depth review. http://bit.ly/9LAnbt
here’s the simple commands necessary to get hacking with Google’s new web application scanner Skipfish:
wget http://skipfish.googlecode.com/files/skipfish-1.01b.tgz
tar zxvf skipfish-1.01b.tgz
sudo apt-get install libidn11-dev
cd skipfish
make
cp dictionaries/default.wl skipfish.wl
./skipfish -o output_folder http://www.example.com
you’ll want to less README to understand all the options.
more to come shortly with our opinions, tips and lab results. currently we’re getting 600+ requests/second for internet sites, 4000+ requests/second for local tests.
enjoy,
