Check out jason’s post for an in-depth review. http://bit.ly/9LAnbt
Here’s the simple commands necessary to get hacking with Google’s new web application scanner Skipfish:
tar zxvf skipfish-1.01b.tgz
sudo apt-get install libidn11-dev
cp dictionaries/default.wl skipfish.wl
./skipfish -o output_folder http://www.example.com
You’ll want to less README to understand all the options.
More to come shortly with our opinions, tips and lab results. currently we’re getting 600+ requests/second for internet sites, 4000+ requests/second for local tests.