{"id":460823,"date":"2010-03-21T19:05:00","date_gmt":"2010-03-21T23:05:00","guid":{"rendered":"tag:blogger.com,1999:blog-7196788127833928948.post-3571601058271117345"},"modified":"2010-03-21T19:05:00","modified_gmt":"2010-03-21T23:05:00","slug":"skipfish-new-web-security-tool-from-google","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/460823","title":{"rendered":"Skipfish &#8211; New Web Security Tool from Google"},"content":{"rendered":"<div class=\"downloadlink\">Google is continuing it&#8217;s efforts into the web security area. After <a href=\"http:\/\/www.shortinfosec.net\/2008\/07\/googles-ratproxy-web-security-tool-for.html\">ratproxy<\/a>, which was a passive security tool, here comes skipfish &#8211; an active security scanner.<\/p>\n<p><a onblur=\"try {parent.deselectBloggerImageGracefully();} catch(e) {}\" href=\"http:\/\/1.bp.blogspot.com\/_Hu1rpxRsqcU\/S6fgMpKFe8I\/AAAAAAAAAgo\/4c5GjkdrHbA\/s1600-h\/skipfish.jpg\"><img decoding=\"async\" style=\"margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 173px;\" src=\"http:\/\/1.bp.blogspot.com\/_Hu1rpxRsqcU\/S6fgMpKFe8I\/AAAAAAAAAgo\/4c5GjkdrHbA\/s320\/skipfish.jpg\" alt=\"\" id=\"BLOGGER_PHOTO_ID_5451572381766482882\" border=\"0\" \/><\/a><\/p>\n<p>Shortinfosec has compiled skipfish v1.11b  on windows.<\/p>\n<p><span style=\"font-weight: bold;\">UPDATE: Seeing that skipfish releases are changing twice a day, I am starting a  persistent post on my blog to publish the latest versions of skipfish  compiled for Windows.<\/span><\/p>\n<p><span style=\"font-weight: bold;\"> Here is the link to the post for future versions<\/span><\/p>\n<p><a style=\"font-weight: bold;\" href=\"http:\/\/www.shortinfosec.net\/2010\/03\/compiling-latest-skipfish-for-windows.html\">http:\/\/www.shortinfosec.net\/2010\/03\/compiling-latest-skipfish-for-windows.html<\/a><br \/><span style=\"text-decoration: underline;\"><\/span><\/p>\n<p><span style=\"text-decoration: underline;\"><\/span><br \/><span>You can download  compiled <a href=\"http:\/\/rapidshare.com\/files\/367081942\/skipfish-1.1b.zip\"><span style=\"text-decoration: underline;\">skipfish<\/span><\/a><a href=\"http:\/\/rapidshare.com\/files\/367081942\/skipfish-1.1b.zip\">-1.11b  for Windows here<\/a><\/span><\/p>\n<p>Verification sum:<\/p>\n<p>skipfish-1.1b.zip MD5: 6D97FBCB65CAF57A7D74E99C0671AEDA<\/p>\n<p><\/p>\n<p>In  order to run it, just unzip the archive &#8211; it contains the cygwin run-time libraries needed for running skipfish.<\/p>\n<p>If you wish to compile skipfish yourself, you need to install cygwin and compile it with make. Do not forget to update  your path variable to include c:\\cygwin\\bin.<\/p>\n<p><span style=\"font-weight: bold;\">Quickstart<\/span><br \/>To run it, start a command line in the directory where skipfish is unzipped\/compiled<\/p>\n<ol>\n<li>create a report directory (<tt><tt style=\"font-weight: bold;\"><a id=\"How_to_run_the_proxy?\"><tt>report_outdir)<\/tt><\/a><\/tt><\/tt><\/li>\n<li>type<span style=\"font-family:monospace;\"><span style=\"font-weight: bold;\"> skipfish<\/span><\/span> <tt style=\"font-weight: bold;\"><a id=\"How_to_run_the_proxy?\"><tt> -o <report_outdir>  report_outdir http:\/\/target-site<report_outfile><\/report_outfile><\/report_outdir><\/tt><\/a><\/tt><\/li>\n<li>after the scan is finished, go to report_outdir and open index.html to view the results<\/li>\n<li>you can always break the scan by ctrl-c<span style=\"font-weight: bold;\"><br \/><\/span><\/li>\n<\/ol>\n<p>Skipfish creates a more advanced report then ratproxy, and it is autogenerated, so you don&#8217;t need a special parser to create the HTML report from the raw results.<\/p>\n<p>Talkback and comments are most welcome<\/p>\n<p>Related posts<br \/><a href=\"http:\/\/www.shortinfosec.net\/2008\/07\/ratproxy-google-web-security-assessment.html\">Ratproxy &#8211;  Google Web Security Assessment Tool<\/a><br \/><a href=\"http:\/\/www.shortinfosec.net\/2008\/07\/googles-ratproxy-web-security-tool-for.html\">Google&#8217;s  Ratproxy Web Security Tool for Windows<\/a><br \/><a href=\"http:\/\/www.shortinfosec.net\/2008\/07\/tutorial-using-ratproxy-for-analysis.html\">Tutorial  &#8211; Using Ratproxy for Web Site Vulnerability Analysis<\/a><\/div>\n<div class=\"blogger-post-footer\"><img width='1' height='1' src='https:\/\/blogger.googleusercontent.com\/tracker\/7196788127833928948-3571601058271117345?l=www.shortinfosec.net' alt='' \/><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/shortinfosec\/~4\/1HCc8p-5wPU\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google is continuing it&#8217;s efforts into the web security area. After ratproxy, which was a passive security tool, here comes skipfish &#8211; an active security scanner. Shortinfosec has compiled skipfish v1.11b on windows. UPDATE: Seeing that skipfish releases are changing twice a day, I am starting a persistent post on my blog to publish the [&hellip;]<\/p>\n","protected":false},"author":5679,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-460823","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/460823","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/5679"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=460823"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/460823\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=460823"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=460823"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=460823"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}