Skipfish has been updated yet again! The latest release is Skipfish-1.70b!

    “Skipfish is a fully automated, active web application security reconnaissance tool. Its key features:

        * High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint – easily achieving 2000 requests per second with responsive targets.

        * Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

        * Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

    The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.”


This version fixes many errors from the previous versions.
Download Skipfish version 1.70b (skipfish-1.70b.tgz) here.
Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.