SkipFish - Web Application Scanner

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.

The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

To Run this Web application security scanner

Step1: To get all the parameters of type skipfish -h

 root@kali:~# skipfish -h

Step2: To scan the target and to write the output in the directory.

root@kali:~# skipfish -d -o 202 http://192.168.169.130/

It will go on scanning through every request, external/Internal links and statistics.

Once the scan completed it will create a professional web application security assessments.

Output consist of various sections such as document type and Issue type overview.

For scanning Wildcard domains

root@kali:~# skipfish -D .192.168.169.130 -o output-dir1 http://192.168.169.130/

You need to customize your HTTP requests when scanning big sites.

-H To insert any additional, non-standard headers. -F To define a custom mapping between a host and an IP. -d Limits crawl depth to a specified number of subdirectories. -c Limits the number of children per directory. -x Limits the total number of descendants per crawl tree branch. -r Limits the total number of requests to send in a scan.

skipfish also provides the summary overviews of document types and issue types found, and an interactive sitemap, with nodes discovered through brute-force, denoted in a distinctive way.

Need to specify -e to avoid binary responses for reporting.