w3af: web application attack and audit framework, the open source web vulnerability scanner.
w3af is an open source
web application security scanner which helps developers and penetration testers
identify and exploit vulnerabilities in their web applications.
The scanner is able to identify 200+ vulnerabilities,
including Cross-Site Scripting,
SQL injection and
OS commanding.
Pull requests are always welcome! If you’re not sure where to start, please take
a look at the First steps as a contributor
document in our wiki. All contributions, no matter how small, are welcome.
Holm Security sponsors the project and uses w3af
as part of their amazing automated and continuous vulnerability assessment platform.
Found this project useful? Donations are accepted via ethereum at 0xb1B56F04E6cc5F4ACcB19678959800824DA8DE82