w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.
Actually w3af has more than 130 plugins, including SQL injection, Cross Site Scripting and unsafe scripts detection.
These details are provided for information only. No information here is legal advice and should not be used as such.
There are no reported vulnerabilities