LinuxQuestions.org - Google releases skipfish, a free web application security scanner

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Google releases skipfish, a free web application security scanner (https://www.linuxquestions.org/questions/linux-security-4/google-releases-skipfish-a-free-web-application-security-scanner-796899/)

Google releases skipfish, a free web application security scanner

Quote:

The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, we have released projects such as ratproxy, a passive security assessment tool; and Browser Security Handbook, a comprehensive guide for web developers. We also worked with the community to improve the security of third-party browsers.

Today, we are happy to announce the availability of skipfish - our free, open source, fully automated, active web application security reconnaissance tool.

Complete Post

Thanks to Slashdot for covering this.

Haven't really checked under the hood but it seems to be a fast scanner. Always nice to have a shiny brand new tool.

When I get some free time, I'll take a look at Skipfish.

Well, it is pretty fast. A run against my server took about 90 minutes (and as far as servers go, it is a 90 lb weakling). Now I just have to dig into what the output really means.