Web Vulnerability Scanners
- ACSTIS - Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
- Arachni - Scriptable framework for evaluating the security of web applications.
- JCS - Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm.
- Nikto - Noisy but fast black box web server and web application vulnerability scanner.
- SQLmate - Friend of
sqlmap that identifies SQLi vulnerabilities based on a given dork and (optional) website.
- SecApps - In-browser web application security testing suite.
- WPScan - Black box WordPress vulnerability scanner.
- Wapiti - Black box web application vulnerability scanner with built-in fuzzer.
- WebReaver - Commercial, graphical web application vulnerability scanner designed for macOS.
- cms-explorer - Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.
- joomscan - Joomla vulnerability scanner.
- w3af - Web application attack and audit framework.