[Owasp-alabama] A tool worth messing with

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Fri Mar 26 17:11:24 EDT 2010


My initial impressions are positive. Here is an example of what the report
looks like. Nice!

-Brad Causey
CISSP, MCSE, C|EH, CIFI, CGSP

http://www.owasp.org
--
"Si vis pacem, para bellum"
--


On Fri, Mar 26, 2010 at 4:01 PM, Brad Causey <bradcausey at gmail.com> wrote:

> Sounds good. I'm firing skipfish on some test sites now to see how it
> performs. Seems pretty strait forward so far.
> I know we also have some burp pro pros on the list. I use it pretty well,
> but I'm not sure I'd consider myself enough of an expert with it to do a
> demo of anything beyond its basic functionality.
>
>
> -Brad Causey
> CISSP, MCSE, C|EH, CIFI, CGSP
>
> http://www.owasp.org
> --
> "Si vis pacem, para bellum"
> --
>
>
> On Fri, Mar 26, 2010 at 3:57 PM, <owasp-alabama at lists.owasp.org> wrote:
>
>> I vote for:
>>
>> 1- skipfish
>> 2- comprehensive burp suite (pro) demo -maybe in two sessions?-
>>
>> Thx
>> -Simo
>>
>>
>>
>> On Fri, Mar 26, 2010 at 3:29 PM,  <owasp-alabama at lists.owasp.org> wrote:
>> > I vote for skipfish.
>> >
>> >
>> >
>> > From: owasp-alabama-bounces at lists.owasp.org
>> > [mailto:owasp-alabama-bounces at lists.owasp.org] On Behalf Of
>> > owasp-alabama at lists.owasp.org
>> > Sent: Friday, March 26, 2010 3:24 PM
>> > To: owasp-alabama at lists.owasp.org
>> > Subject: Re: [Owasp-alabama] A tool worth messing with
>> >
>> >
>> >
>> > Question:
>> >
>> > Would you rather see a presentation on:
>> >
>> > A. a comprehensive comparison on each popular open source WAS scanner's
>> > features and uses
>> > or
>> > B. an overview and demo of skipfish
>> >
>> > -Brad Causey
>> > CISSP, MCSE, C|EH, CIFI, CGSP
>> >
>> > http://www.owasp.org
>> > --
>> > "Si vis pacem, para bellum"
>> > --
>> >
>> > On Fri, Mar 26, 2010 at 10:28 AM, Brad Causey <bradcausey at gmail.com>
>> wrote:
>> >
>> > Sounds like a great idea. If anyone is brave enough, I'd take a
>> volunteer
>> > for a 30 minute demo.
>> > If you need more time, I can do that too.
>> >
>> >
>> > -Brad Causey
>> > CISSP, MCSE, C|EH, CIFI, CGSP
>> >
>> > http://www.owasp.org
>> > --
>> > "Si vis pacem, para bellum"
>> > --
>> >
>> > On Fri, Mar 26, 2010 at 10:25 AM, <owasp-alabama at lists.owasp.org>
>> wrote:
>> >
>> > Downloaded it and I figured it needed the open ssl headers... then still
>> > puked.
>> > Then I found the guide below:
>> > http://code.google.com/p/skipfish/issues/detail?id=4
>> > and got all the packages needed and compile fine
>> >
>> > If you are on ubuntu, you will still need to change the make file to
>> > reference the correct lib and other directories (just add your
>> > distribution lib path to the directives)
>> >
>> > It will be a good subject for the next meeting to have a quick
>> > demo/tutorial on the tool ?
>> >
>> > Thx
>> > -Simo Sentissi
>> >
>> >
>> > On Fri, Mar 26, 2010 at 9:46 AM,  <owasp-alabama at lists.owasp.org>
>> wrote:
>> >> I downloaded it a few days go, with the intent of putting it on the
>> live
>> >> CD.
>> >> It won't compile on my box.
>> >>
>> >> -Brad Causey
>> >> CISSP, MCSE, C|EH, CIFI, CGSP
>> >>
>> >> http://www.owasp.org
>> >> --
>> >> "Si vis pacem, para bellum"
>> >> --
>> >>
>> >>
>> >> On Thu, Mar 25, 2010 at 8:03 PM, <owasp-alabama at lists.owasp.org>
>> wrote:
>> >>>
>> >>> http://code.google.com/p/skipfish/
>> >>> The author alone should be enough to recommend...
>> >>>
>> >>> | Daniel Uriah Clemens
>> >>> | Packetninjas L.L.C | | http://www.packetninjas.net
>> >>> | c. 205.567.6850      | | o. 866.267.8851
>> >>> "Moments of sorrow are moments of sobriety"
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>>
>> >>> _______________________________________________
>> >>> Owasp-alabama mailing list
>> >>> Owasp-alabama at lists.owasp.org
>> >>> https://lists.owasp.org/mailman/listinfo/owasp-alabama
>> >>
>> >>
>> >> _______________________________________________
>> >> Owasp-alabama mailing list
>> >> Owasp-alabama at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-alabama
>> >>
>> >>
>> > _______________________________________________
>> > Owasp-alabama mailing list
>> > Owasp-alabama at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-alabama
>> >
>> >
>> >
>> >
>> >
>> > ________________________________
>> >
>> > Confidentiality Notice: The information contained in this email message
>> is
>> > privileged and confidential information and intended only for the use of
>> the
>> > individual or entity named in the address. If you are not the intended
>> > recipient, you are hereby notified that any dissemination, distribution,
>> or
>> > copying of this information is strictly prohibited. If you received this
>> > information in error, please notify the sender and delete this
>> information
>> > from your computer and retain no copies of any of this information.
>> >
>> > _______________________________________________
>> > Owasp-alabama mailing list
>> > Owasp-alabama at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-alabama
>> >
>> >
>> _______________________________________________
>> Owasp-alabama mailing list
>> Owasp-alabama at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-alabama
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-alabama/attachments/20100326/3ba280cd/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot-Skipfish - scan results browser - Mozilla	Firefox.png
Type: image/png
Size: 254750 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-alabama/attachments/20100326/3ba280cd/attachment-0001.png 


More information about the Owasp-alabama mailing list