Google have made available, for free, their automated web scanner, Skipfish. This is a quick guide to setting it up on the Mac. You can download Skipfish from http://code.google.com/p/skipfish/ - I've put it in /opt/skipfish/.
To get this running you'll need Libidn which is easily available from Mac Ports via:
$sudo port install libidnWith Libidn installed we can now make Skipfish. Before starting though we need to edit the Makefile and add some arguments (I use Textmate from the Terminal. You could swap "mate" for "vi").
$ mate MakefileChange
$ CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -D_FORTIFY_SOURCE=0
for
$ CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -D_FORTIFY_SOURCE=0 -I/opt/local/include -L/opt/local/lib
Once thats done you should now be ready to MAKE Skipfish
$ cd /opt/skipfish/$ makeOnce done you need to copy a dictionary file from the dictionaries/ directory (use default.wl for your first run) and rename this to skipfish.wl.
Im not going in to how to run this and what it does as the docs does this quite well but below an example string which limits the requests to a 1000 so you can get feedback quickly (one scan took over an hour without the restriction).
$ ./skipfish -o test/ -r 1000 -B .google-analytics.com -B .googleapis.com http://www.[your site].co.uk/To explain the flags used:
- -B
- You do not want to actually crawl a third-party domain, but you trust the owner of that domain enough not to worry about cross-domain content inclusion from that location. To suppress warnings, you can use the -B option
- -r
- limits the total number of requests to send in a scan
- -o
- Reduces the risk of persistent effects of a scan which inhibits all form parsing and submission steps
N.B. the results file doesn't work in Google Chrome