本文共 3049 字，大约阅读时间需要 10 分钟。

--Skipfish工具

是一款Web应用安全侦查工具。skipfish会利用递归爬虫和基于字典的探针生成一副交互式网站地图。最终生成的地图会在通过安全检查后输出。

--选择 -o是输出路径的参数，-S是指定数据字典的只读状态（还有其他参数使用请查看系统中的man或 “-h”帮助文档）

root@kali:~/Desktop/dictionaries# skipfish -o /root/Desktop/Skipfishoutput -S '/usr/share/skipfish/dictionaries/complete.wl' http://www.thesecurityblogger.com

--选择continue继续执行

skipfish web application scanner - version 2.10b

Welcome to skipfish. Here are some useful tips:

1) To abort the scan at any time, press Ctrl-C. A partial report will be written

   to the specified location. To view a list of currently scanned URLs, you can

   press space at any time during the scan.

2) Watch the number requests per second shown on the main screen. If this figure

   drops below 100-200, the scan will likely take a very long time.

3) The scanner does not auto-limit the scope of the scan; on complex sites, you

   may need to specify locations to exclude, or limit brute-force steps.

4) There are several new releases of the scanner every month. If you run into

   trouble, check for a newer version first, let the author know next.

More info: http://code.google.com/p/skipfish/wiki/KnownIssues

NOTE: The scanner is currently configured for directory brute-force attacks,

and will make about 241435 requests per every fuzzable location. If this is

not what you wanted, stop now and consult the documentation.                                                        

Press any key to continue (or wait 60 seconds)...        

skipfish version 2.10b by lcamtuf@google.com

--开始web安全侦查信息。

  - www.thesecurityblogger.com -

Scan statistics:

      Scan time : 0:02:24.490

  HTTP requests : 476 (4.4/s), 366 kB in, 120 kB out (3.4 kB/s)  

    Compression : 267 kB in, 980 kB out (57.2% gain)    

    HTTP faults : 74 net errors, 0 proto errors, 0 retried, 0 drops

 TCP handshakes : 467 total (3.5 req/conn)  

     TCP faults : 0 failures, 74 timeouts, 0 purged

 External links : 54 skipped

   Reqs pending : 1179        

Database statistics:

         Pivots : 369 total, 1 done (0.27%)    

    In progress : 367 pending, 1 init, 0 attacks, 0 dict    

  Missing nodes : 0 spotted

     Node types : 1 serv, 235 dir, 39 file, 0 pinfo, 48 unkn, 46 par, 0 val

   Issues found : 6 info, 1 warn, 1 low, 5 medium, 0 high impact

      Dict size : 2412 words (197 new), 110 extensions, 256 candidates

     Signatures : 77 total

--选择Ctrl+C 来结束扫描，结束输出文件放在/root/Desktop/Skipfishoutput/

        

[!] Scan aborted by user, bailing out!

[+] Copying static resources...

[+] Sorting and annotating crawl nodes: 369

[+] Looking for duplicate entries: 369

[+] Counting unique nodes: 369

[+] Saving pivot data for third-party tools...

[+] Writing scan description...

[+] Writing crawl tree: 369

[+] Generating summary views...

[+] Report saved to '/root/Desktop/Skipfishoutput/index.html' [0xa83556b0].

[+] This was a great day for science!

Medium risk - data compromise External content embedded on a page (higher risk) (5)

中等风险-数据妥协 (高风险) 的网页中嵌入的外部内容 (5) Low risk or low specificity HTML form with no apparent XSRF protection (1) 低风险或低特异性与没有明显的 XSRF 保护 (1) 的 HTML 表单 Internal warning Resource fetch failed (1) 内部警告资源读取失败 (1) Informational note Unknown form field (can't autocomplete) (1) 信息说明未知的表单字段 (不能自动完成) (1)