skipfish
fully automated, active web application security reconnaissance tool
Install
- All systems
-
curl cmd.cat/skipfish.sh
- Debian
-
apt-get install skipfish
- Ubuntu
-
apt-get install skipfish
- Kali Linux
-
apt-get install skipfish
- Fedora
-
dnf install skipfish
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install skipfish
- OS X
-
brew install skipfish
- Raspbian
-
apt-get install skipfish
- Dockerfile
- dockerfile.run/skipfish
skipfish
fully automated, active web application security reconnaissance tool
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.