Using Skipfish for vulnerability assessment
In this recipe, we will learn how to use Skipfish. is entirely written in C. It is highly to handle HTTP requests. can handle 2,000 requests per second, as mentioned at http://tools.kali.org/web-applications/skipfish .
Getting ready
To step through this recipe, you will need Kali Linux running on Oracle Virtualbox and an Internet connection. No other prerequisites are required.
How to do it... For this recipe, you need to perform the following steps:
- Open the terminal. To start
Skipfish
, you have to mention the output directory name. If the output directory does not exist, it will automatically create the directory and save the results. To start Skipfish, type the following command in the terminal:
skipfish -o /root/dvwa-skipfish-results http://172.17.0.2
/dvwa/login.php
- Before Skipfish starts scanning, it shows the list of tips on the screens, which helps you understand how Skipfish will behave for this specific scan:
- Once starts, it...