Print
Google has released a new web security tool developers can use to check their sites for security vulnerabilities. The tool is called Skipfish and it runs on a Linux or Unix command line in a similar way to well known utilities like Nmap or Nessus. The only difference is that Skipfish runs much faster.
The software is capable of processing 2,000 HTTP requests per second on even a modest system. Tests on local networks have yielded more than 7,000 requests per second. Skipfish owes this amazing speed to its straight-up C implementation.
The tool was designed to identify code that could allow vulnerabilities like cross-site scripting attacks and SQL/XML injection attacks, among others. It even supports asynchronous processing of multithreaded processes for high scalability. If you’re a web developer interested in the software, you can get it here.
Image via H Security
Comments are closed on this article
Kira Shannen
June 29, 2011 at 6:10pm
I thought Nmap was really good so I was content with it. I mean, I was feeling safe with it and the Cloud computing security. With all these upgrades, my head started spinning. This software does seem to do a sweet job, though, I think I'll take a shot and check it out. Thank you for the useful post.
niccy4513
January 08, 2011 at 1:01pm
My main complaint is not the scan rate of B/W or grayscale scans. I would be very happy with a 10 PPM grayscale document scanner. The problem is that the scanner / software package does NOT scan in grayscale. The scanner DOES send the images to my iMac in GRAYSCALE and then the horrible software converts it to B/W. Yes you heard me right! They take a perfectly legible (8 bit, 256 levels of black) grayscale image and turn it into a very poor quality B/W (2 bit, 2 color) illegible image. I can't for the life of me understand why they would do such a thing.See Here: neatdesk scanner
