Home page logo


skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. For downloads and more information, visit the skipfish homepage.

Popularity #39, new!
Rating ★★★★½ (2)
Latest release 2.10b
Dec. 4, 2012
(8 years, 4 months ago)


★★★★ xem

Great tool. Fast and powerful. Rapport can be better.

★★★★★ Michal Ambroz

Excellent tool for automated initial quick assessment of the website. Written in C it is incredibly fast and can generate/analyze thousands of requests per second.

Your comment

Along with your rating, you can use the comment form to post a review, tutorial, tips and tricks, or anything else others will find useful. If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).

  (will not be shown, will not be spammed)
(At least 50 characters. No markup is allowed. URLs will be made into links.)
 What is the length of an IPv6 address, in bytes? (antispam)

Feed for updates.


[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]