March 22, 2010 | Blogging, Digital Security

Google released a free website scanning tool called Skipfish. Skipfish accesses your entire website’s URLs and tries to find problems from a huge list of tens of different security problems.

About Skipfish

Skipfish is implemented as a program that you run locally (from your personal computer) or on the same server as a website or WordPress or other blog. It saves output in a directory you specify in HTML format (sample below).

If you’re wondering why Google would release a security scanner for free, Google has in interest in a secure and non-exploited Internet. If, every time you go online, your computer is hacked, you’re less likely to go online. The less you go online, the less Google searches you do, the less ads you click on, and the less money Google gets.

Skipfish is similar to other security scanning programs like Nikto and Nessus. But it also has some advantages such as:

• High Performance. You can run 500+ requests per second over the Internet, 2000+ requests over a LAN, and 7000+ requests on the same server as a website.
• Ease of Use. Skipfish is flexible and it handles weird URL schemes and even comes up with automatically generated password guesses based on site content.
• Fine security checks. Skipfish detects subtle problems like cross-site scripting, but it also identifies and avoids false positives.

Major security holes that Skipfish finds include

• Server-side SQL injection (including blind vectors, numerical parameters).
• Explicit SQL-like syntax in GET or POST parameters.
• Server-side shell command injection (including blind vectors).
• Server-side XML / XPath injection (including blind vectors).
• Format string vulnerabilities.
• Integer overflow vulnerabilities.

And there are other minor problems that it finds as well.

Running Skipfish

Skipfish is written in C, and you probably need to compile it before you run it. I’ll have another blog post later on preparing and running Skipfish.

Skipfish is hosted at Google Code here: http://code.google.com/p/skipfish/

If you liked this article

If you liked this article, don’t forget to subscribe for updates!

Get updates by RSS (What’s RSS?)

Subscribe by email:

Follow me on Twitter

Top Incoming Search Terms

"how to install skipfish" ubuntu (480) 305-0015 +how to make and run skipfish windows advantages of skipfish automated website scanning cache:pjl1wj0c-pyj:http://forum.vital.ks.ua/archive/index.php/t-13588.html aring.org.ua/index.php?newsid=2056 compilare skipfish compile skipfish compiled skipfish ubuntu compiler skipfish compiling skipfish windows drupal skipfish google new tool site scan cross site scripting google skipfish google skipfish "compile on windows" google skipfish windows how compile skipfish how to compile skipfish on a mac how to copy skipfish in windows how to give 2 urls in skipfish how to install skipfish for windows how to install skipfish in windows how to install skipfish on windoews machine how to install skipfish on windows how to install skipfish scanning tool in windows how to install skipfish windows how to run skipfish tool how to use skipfish how to use skipfish drupal how to use skipfish tool for php howto skipfish howto use skipfish http://digitivity.org/939/google-releases-skipfish-automatic-website-blog-security-scanning-tool http://www.bathroomsetc.net instalar skipfish en windows install skipfish on mac install skipfish on windows install skipfish ubuntu installing skipfish google installing skipfish linux installing skipfish on mac installing skipfish on windows installing skipfish windows link:http://webcamreview.net/ -site:webcamreview.net links:www.jamespot.com -www.jamespot.com make: don't know how to make install. skipfish. nessus skipfish plugin run skipfish run skipfish windows running skipfish in windows running skipfish linux runs skipfish scan website for security problems scanning with skipfish site:http://digitivity.org phone site:http://digitivity.org computer site:http://digitivity.org install site:http://digitivity.org software site:http://digitivity.org/ site:http://digitivity.org/ file site:http://digitivity.org/ internet site:http://digitivity.org/ virus skipfish skipfish windows make skipfish + windows skipfish compile skipfish compile windows skipfish compiled skipfish compiled mac skipfish compiled windows skipfish drupal skipfish find malware skipfish for windows skipfish for windows instal skipfish get parameter skipfish get parameters skipfish how compile on windows skipfish how to install on windows skipfish howto skipfish install skipfish installation skipfish installation directory skipfish installation on windows skipfish login java skipfish mac compile skipfish nessus skipfish on windows skipfish parameter skipfish parameter injection skipfish plugin for firefox skipfish root directory skipfish run on windows skipfish scaning tool skipfish sql howto skipfish sql injection skipfish ubuntu skipfish windows skipfish windows compilation skipfish windows compile skipfish windows install skipfish windows installation skipfish windows sql skipfish windows xp download skipfish wordpress skipfish как скомпилировать для windows skipfish-install-on-ubuntu ubuntu security scanning tools ubuntu skipfish ubuntu skipfish install use skipfish before nessus using skipfish using skipfish drupal website scanning tool website security scanning tool what is skipfish what is skipfish and what are the commands used with linux who published skipfish who publishes skipfish and who was the development that coded it why would google ask for a security check windows compiled skipfish windows skipfish wordpress blogs www.rehanahmad.org/ www.samplesresumeexamples.com/ www.tourdubai.org/

Related posts:

1. How to Install Google Skipfish on Ubuntu Linux Skipfish is a new security scanning tool from Google that...
2. Google Buys Picnik, a Free Online Photo Editing Website Google has bought Picnik, a free online image editing website....
3. Google Releases Its Nexus One Phone, But It’s Not an iPhone Killer Google just released its own phone, the Nexus One, this...
4. How to Install Miro Podcast Viewer on Windows Miro is a free and open source podcast viewer for...
5. How to Install Java on Windows Java is an application environment (like, in a way, .NET,...

Explore related content: Google, security, security scanner, Skipfish, software, website, website security, WordPress

120 Responses to “Google Releases Skipfish Automatic Website Security Scanning Tool”

1. Aslam Raza says:

   August 19, 2011 at 11:38 pm

   Hi! Thanks for sharing this great article! I feel strongly about it and love learning more on this topic. It is extremely helpful for me. Thanks.
   Aslam Raza´s last blog ..How to deal with Shipping of Goods?
2. melody says:

   August 22, 2011 at 7:02 am

   I find this site informative, thanks for sharing this could really help..
   melody´s last blog ..Inexpensive Car Insurance
3. Decoration Trends says:

   August 24, 2011 at 11:40 pm

   Hi dear! I really like it your hard work was seen in your post. Thanks for sharing keep it up please.
   Decoration Trends´s last blog ..Tips for Wedding Room Decoration
4. Elizabeth says:

   September 8, 2011 at 3:14 am

   I just read through the entire article of yours and it was quite good. This is a great article thanks for sharing this information. I will visit your blog regularly for some latest post.
   Elizabeth´s last blog ..English Studies as an Active Participant in the Creation
5. Alexander says:

   September 13, 2011 at 10:41 pm

   The concept of your blog is very fresh. I definitely sure the visitors who visit your site will like your content and pointer. Thanks a lot!
6. Aaliyah says:

   September 17, 2011 at 10:45 am

   Hi! Some truly superb content on this internet site , Thank you for contribution.
   Aaliyah´s last blog ..How to Keep Client Information?
7. Abraham says:

   September 24, 2011 at 12:14 am

   Hi! It is quite interesting and pleasant experience to visit this post about Skipfish. Thanks for the nice and useful sharing.
   Abraham´s last blog ..Best Video Songs Ever
8. Resume Example says:

   September 28, 2011 at 5:18 am

   All are written better. Reading this post reminds me of my old room mate! He always kept talking about this. I will forward this article to him. Pretty sure he will have a good read. Thanks for sharing!
   Resume Example´s last blog ..Office Manager Resume
9. Jeanna Bryner says:

   September 30, 2011 at 4:27 am

   No doubt this is an excellent work. I never see this type of beautiful article before. Thanks to share this rare information with us. Keep it up please.
10. Jimmy Carter says:

    October 11, 2011 at 11:09 pm

    Hey. I read your article and getting amaze from your efforts on this article. Your conveying point on major is marvelous… I’ll bookmark your site and check it regularly.
11. Federal Consolidation Loan says:

    October 22, 2011 at 10:12 am

    Hi great Author! wonderful and thanks for so nice and awesome article. I enjoyed the article a great deal while reading. Thanks for sharing such a superb post. Best Wishes.
    Federal Consolidation Loan´s last blog ..Impact of Credit Score on Loan Consolidation
12. Free Online Articles Directory says:

    October 27, 2011 at 9:06 am

    It is the fact that this is an absolutely an excellent internet web site we’ve visiting. The matter is quite useful in addition to direct clear. Thanks a lot for this nice info..
13. Prince Charles says:

    November 3, 2011 at 2:48 am

    Hi Buddy! I am really enjoying reading your well written articles. I think you spend Numerous effort and time updating your site. Best wishes.
    Prince Charles´s last blog ..Medical and Student Travel Insurance
14. fruit mocking party says:

    December 16, 2011 at 4:15 pm

    Wow that was odd. I just wrote an extremely long comment but after I clicked submit my comment didn’t appear. Grrrr… well I’m not writing all that over again. Regardless, just wanted to say excellent blog!
15. dealer mobil honda says:

    December 16, 2011 at 5:26 pm

    I know this if off topic but I’m looking into starting my own weblog and was wondering what all is needed to get setup? I’m assuming having a blog like yours would cost a pretty penny? I’m not very internet smart so I’m not 100% sure. Any recommendations or advice would be greatly appreciated. Thanks
16. Best Business Insurance says:

    February 2, 2012 at 8:55 pm

    I am curious to find out what blog platform you happen to be working with? I’m having some minor security issues with my latest site and I’d like to find something more risk-free. Do you have any solutions?
17. Del Amolsch says:

    February 3, 2012 at 11:46 am

    There is evidently a lot to identify about this. I consider you made certain good points in features also.
18. Nikia Progl says:

    February 3, 2012 at 7:46 pm

    I’ve been surfing online more than 3 hours today, yet I never found any interesting article like yours. It is pretty worth enough for me. In my opinion, if all web owners and bloggers made good content as you did, the net will be much more useful than ever before.
19. tribal Dress says:

    February 4, 2012 at 6:34 am

    Good website! I truly love how it is simple on my eyes and the data are well written. I’m wondering how I could be notified when a new post has been made. I’ve subscribed to your RSS which must do the trick! Have a nice day!
20. Roslyn Pershing says:

    February 4, 2012 at 12:53 pm

    I am now not positive the place you’re getting your info, but good topic. I needs to spend a while learning more or figuring out more. Thank you for fantastic info I used to be searching for this info for my mission.