Skipfish is an active web application security reconnaissance tool. It prepares
an interactive sitemap for the targeted site by carrying out a recursive crawl
and dictionary-based probes. The resulting map is then annotated with the output
from a number of active (but hopefully non-disruptive) security checks. The
final report generated by the tool is meant to serve as a foundation for
professional web application security assessments.

Key features:

    High speed: pure C code, highly optimized HTTP handling, minimal CPU
    footprint - easily achieving 2000 requests per second with responsive
    targets.

    Ease of use: heuristics to support a variety of quirky web frameworks and
    mixed-technology sites, with automatic learning capabilities, on-the-fly
    wordlist creation, and form autocompletion.

    Cutting-edge security logic: high quality, low false positive, differential
    security checks, capable of spotting a range of subtle flaws, including
    blind injection vectors.
