http://code.google.com/p/skipfish/downloads/list Official change log for Skipfish-2.06b: Crawler update which gives more control over the injection test scheduling. This comes with the –checks and –checks-toggle flags to display and enable/disable checks. Pages where the response varies are no longer completely discarded. Instead now we only disable tests that require stability which increases scan coverage. Split the traversal and disclosure test to increase coverage: traversal checks require stable pages, the disclosure checks can be performed on all. Updated dictionaries and converted them to use the dictionary optimisations we introduced in 2.03b Fixed offline report viewing (thanks to Sebastian Roschke) Added NULL byte file disclosure tests Added JSP inclusion error check to analyse.c Added XSS injection tests for cookies Directory listings are now reported as individual (info-type) issues Added warning in case the negotiated SSL cipher turns out to be a weak one (leaving the cipher enumeration to network scanners) Added experimental -v flag which can be used to enable (limited) runtime reporting. This output is written to stderr and should be redirected to a file, unless you use the -u flag. The man page has been rewritten and now includes detailed descriptions and examples. A whole bunch of small bug fixes
+*skipfish-2.06_beta (14 May 2012) + + 14 May 2012; Pacho Ramos <pacho@gentoo.org> +skipfish-2.06_beta.ebuild, + -skipfish-1.31_beta.ebuild, -skipfish-1.52_beta.ebuild, + -skipfish-1.85_beta.ebuild, -skipfish-2.05_beta.ebuild: + Version bump, remove old (#415843 by Anton Bolshakov). +
