Google Releases Open Source Skipfish Security Tool

Monday Mar 22nd 2010 by Developer.com Staff
Share:

Google releases new skipfish security tool for Web applications.

Web developers that care about security should check out Google's latest addition to its open source tool.

It's called skipfish. It's written in C. It's is a fully automated Web application that scrounges through your Web site looking for security holes.

It's supposed to be easy because skipfish uses "heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion."

According to Google, skipfish implements cutting-edge security logic: "high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors."

The tool should run on Linux, FreeBSD 7.0+, MacOS X and Windows(Cygwin).

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved