Google Web应用程序安全扫描工具-skipfish (1.41 beta)

skipfish是一款免费、开源、Web应用程序安全检测工具。skipfish主要特点:

  • — 速度快:Skipfish完全由C编写,高度优化的HTTP处理能力以及最低的CPU占用,它每秒钟可以轻松处理2000个请求;
  • — 使用简单:采用启发式扫描技术,主持多种Web架构。具备自动学习能力,字典动态创建,表单自动完成等功能。
  • — 前沿安全逻辑算法:性能高、误报率低。

skipfish支持Linux, FreeBSD 7.0+, MacOS X, 和 Windows (Cygwin) 环境。工具更多信息及官方下载地址code.google.com 。

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Google Web application security scanning tool-skipfish (1.41 beta)

A fully automated, active web application security reconnaissance tool. Key features:

  • High speed : pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
  • Ease of use : heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
  • Cutting-edge security logic : high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

The tool is believed to support Linux, FreeBSD 7.0+, MacOS X, and Windows (Cygwin) environments.Download current version (1.41 beta)

 

原文链接

你可能感兴趣的:(Web,Security,Google,FreeBSD,工具,frameworks)