11 security audit essentials


10. W3af - Web application attack and audit framework

Source:  w3af

W3af, the Web application attack and audit framework is a version of Metasploit, covering Web applications. W3af is used to exploit Web applications and presents information regarding vulnerabilities, supporting the penetration testing process. W3af consists of two main parts -- the core and plugins. Custom plugins can be written, with inter-plugin communication dealt with by the knowledge base. There is a provision for saving scan reports to text files for later reference.

You can download this tool here.

View All Photo Stories
Data Center
Data Management