Hi,
What you need to know about any web scanner, you will always get false positives. That is part when you need to use your brain and knowledge. You can use other scanners like Arachni, XSSer, Nikto and many others free or paid solutions.
And you need to learn a lot before just running some tool. That is how you need to think if you want to learn. 1st learn about all vulnerability then try to exploit them. If not, you will lose a lot of your time.
oh sure!

i now, and i use nikto, but i don't know all type of vulnerabilities.
nikto after a scan shows to you a osvbd id.
so if i don't know something i can read and search about the osvdb id and i can learn.
but with skipfish, i don't have any id, neither osvdb nor cve, so i have some difficult to understand vulnerabilities found.
i want to specify thant i don't use vulnerabilities found for exploit them for attack a web-site, i use vulnerabilities for defend my site and my web applications.
anyway thanks for the answer. =)
regards
but with skipfish, i don't have any id, neither osvdb nor cve, so i have some difficult to understand vulnerabilities found.