Home arrow Security arrow Skipfish Website Vulnerability Scanner

Skipfish Website Vulnerability Scanner

Security is by far the most important aspect that any webmaster should consider for long term website success. A lot of open source and commercial tools are available to scan your website for vulnerabilities. If you are looking for an efficient, powerful, fast and free tool, then you might need to give “Skipfish” a try.

TABLE OF CONTENTS:
  1. Skipfish Website Vulnerability Scanner
  2. How to Install Skipfish
  3. Run a Skipfish Scan on XAMPP
By: Codex-M
Poor Best
Rating: starstarstarstarstar / 4
March 23, 2011

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Skipfish is a web application security scanner contributed, developed and maintained by the Google security engineering team headed by Michael Zalewski, a Google Inc. employee.

This tutorial is written primarily for beginners who are looking to expand their knowledge of website security, vulnerability detection and prevention using Skipfish.

System Requirements and Required Library Installation

This tutorial teaches you how to install and run Skipfish inside an Ubuntu local environment. With this, it is possible to scan both localhost and remote web server URL.

The methods and commands in this tutorial are tested using Ubuntu 10.04 LTS otherwise known as “Lucid Lynx”. Skipfish requires you to install some important libraries in advance before you can actually proceed to install Skipfish. This will ensure that you will not encounter serious installation issues. To do this, follow the steps below:

1.) Go to Administration ==> Update Manager and make sure you see the “Your System is up-to-date” message or else you need to update until all required and important updates of your system are installed.

2.) Install libidn11-dev package, go to Applications ==> Accessories ==> Terminal:

Login as root:

codex-m@codex-m-desktop:~$ sudo -s -H
root@codex-m-desktop:/home/codex-m# sudo apt-get install libidn11-dev

3.) Install libssl-dev and zlib1g-dev package:

root@codex-m-desktop:/home/codex-m# sudo apt-get install libssl-dev zlib1g-dev

4.) Go to System ==> Synaptic package manager, confirm that the following packages has been successfully installed:

a.) libidn11-dev
b.) libssl-dev
c.) zlib1g-dev

There are other packages or libraries required by Skipfish to work which should already be installed on Ubuntu by default (provided your Ubuntu version and system is up-to-date):

a.) libidn11
b.) gcc
c.) make
d.) libc6
e.) libc6-dev

In Synaptic package manager, you will know that the packages has been successfully installed if you see the green mark beside the package, see screenshot below:



 
 
>>> More Security Articles          >>> More By Codex-M
 

blog comments powered by Disqus
   

SECURITY ARTICLES

- Secure Your Business for Data Privacy Day
- Google Testing Security Fob Password Alterna...
- Security News Highlights Concerns
- Going to Extremes for Data Security
- Skipfish Website Vulnerability Scanner
- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II
Find More Security Articles

Developer Shed Affiliates

 

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap

Dev Shed Tutorial Topics: