Introduction to Skipfish

February 6, 2012

Skipfish is an active web application security reconnaissance tool written and maintained by Michal Zalewski (@lcamtuf). It is one of the fastest web scanners available; it spiders the target using wordlists, and is a very powerful web scanning tool with a simple implementation. In Matriux, Skipfish can be found in the arsenal under Arsenal -> Framework -> Skipfish.

Why Skipfish?
Skipfish is fast and easy to set up, and can perform a robust scan of any website, providing a lot of security tests: PHP injection, XSS, format string vulnerabilities, overflow vulnerabilities, file inclusions and a lot more, categorized into high risk, medium risk and low risk issues. Skipfish also provides summary overviews of the document types and issue types found, and an interactive sitemap, with nodes discovered through brute-force denoted in a distinctive way.

Getting started
Before starting skipfish, make sure you provide a skipfish.wl wordlist file, taken from the dictionaries directory found at

/pt/webscanners/skipfish/dictionaries/

(to put it simply: copy a file from dictionaries/ into the skipfish directory as skipfish.wl).

Start skipfish from the Arsenal, or move to the directory /pt/webscanners/skipfish/ and run ./skipfish -h for help.

A simple way to perform a scan is by using the following command:

./skipfish -o /home/matriux/path http://www.example.com/

You can replace /home/matriux/path with any other location you want.

After a successful scan, a report is generated and stored in the output directory you specified; open index.html in a browser to view the generated report.

The following is how a sample report looks.

In certain cases, certain URLs may log out your session; to exclude them from the crawl you can use the -X option, for example:

$ ./skipfish -X /logout/logout.aspx … other parameters…

There are also other options for HTTP cookies and authentication, which you can find in the skipfish doc or in the README file present in the installation directory.
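The steps above (wordlist in place, -o output directory, -X exclusion of a logout URL, then checking for the report) as one wrapper script; this is an added example, not code from the Skipfish project or the Matriux distribution. It assumes the install path /pt/webscanners/skipfish from this page and skipfish's -W, -o and -X options; refusing to reuse an existing output directory is the wrapper's own rule.

```shell
#!/bin/sh
# Added wrapper around the skipfish invocation described above; this is not
# part of skipfish or Matriux. Assumed: SKIPFISH_DIR is the install directory
# (the page's /pt/webscanners/skipfish), the wordlist lives there as
# skipfish.wl, and skipfish's -W (wordlist), -o (output dir) and -X (exclude
# URLs containing a string) options.
SKIPFISH_DIR="${SKIPFISH_DIR:-/pt/webscanners/skipfish}"
SKIPFISH_BIN="${SKIPFISH_BIN:-$SKIPFISH_DIR/skipfish}"
WORDLIST="${WORDLIST:-$SKIPFISH_DIR/skipfish.wl}"

# Step 1 of the page: make sure skipfish.wl exists, copying the named
# dictionary (e.g. minimal.wl) from dictionaries/ if it does not.
# Usage: ensure_wordlist <dictionary-file-name>
ensure_wordlist() {
    [ -s "$WORDLIST" ] && return 0
    cp "$SKIPFISH_DIR/dictionaries/$1" "$WORDLIST"
}

# Steps 2-3: run the scan into a fresh output directory, excluding any URL
# containing the given strings (e.g. a logout page), then confirm the report.
# Refusing to reuse an existing output directory is this wrapper's own rule.
# Usage: run_scan <outdir> <url> [exclude-string ...]
run_scan() {
    outdir=$1; url=$2; shift 2
    [ -s "$WORDLIST" ] || { echo "wordlist missing: $WORDLIST" >&2; return 2; }
    [ -e "$outdir" ] && { echo "refusing to reuse $outdir" >&2; return 3; }
    excl=""
    for s in "$@"; do
        excl="$excl -X $s"   # one -X per string; strings must not contain spaces
    done
    # shellcheck disable=SC2086  (word splitting of $excl is intended)
    "$SKIPFISH_BIN" -W "$WORDLIST" -o "$outdir" $excl "$url" || return 1
    [ -f "$outdir/index.html" ] || { echo "no report in $outdir" >&2; return 4; }
    echo "report: $outdir/index.html"
}
```

Run it as `run_scan /home/matriux/path http://www.example.com/ /logout/logout.aspx` after `ensure_wordlist minimal.wl`; the exit code tells you which precondition failed.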

Overall, skipfish is a very light tool for web scanning and security testing, which provides a lot of features and scan options quickly.

References

http://code.google.com/p/skipfish/wiki/SkipfishDoc

Happy Hacking 🙂