skipfish en openSUSE

Recien hice el paquete de skipfish para openSUSE. Lo puedes encontrar aqui.

skipfish es:

A fully automated, active web application security reconnaissance tool. Key features:

  • High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint – easily achieving 2000 requests per second with responsive targets.
  • Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
  • Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

Ejemplo de uso:

$ ./skipfish -o output_dir http://www.example.com/some/starting/path.txt

pueden escoger diccionarios de palabras desde /usr/share/skipfish/dictionaries en openSUSE

Deja un comentario

Tu dirección de correo electrónico no será publicada.