Skipfish can walk / work under Linux, BSD, Mac and Windows. Skipfish is a powerful scanner that is able to crawl the entire web contents or scan the entire web. This tool is made of the C language, compatible, easy to use, support different types of web framework, this tool is available in backtrack 5.Backtrack ===>Vulnerability Assesment ===> Web application Assesment ===> Web Vulnerability Scanners ===> Skipfish
Skipfish use dictionaries to look for security gaps and object files on the website. We use minimal to scan faster, but less sought gap.
# cp dictionaries/filename.wl skipfish.wl
skipfish command :
# ./skipfish -o /pentest/web/skipfish/b -W dictionaries/filename.wl http://www.youtube.com
issue type overview.
Click the red part to exploration, you will see the URL being tested, and the type of tests performed.