w3af | Web Application Attack framework

w3af | Web Application Attack framework

w3af is a Web Application Attack and Audit Framework. This opensource project's goal is to create a framework for finding and exploit web application vulnerabilities. This type of tools are very useful for pentesting of web applications. Web developers can check their website before deploying it to web hosts. 

Improvements:
Stable code base, an improvement that will reduce your w3af crashes to a minimum. We've been working on fixing all of our long-standing bugs, wrote thousands of lines of doctests and various types of automation to make sure we can also keep improving without breaking other sections of the code.


Auto-Update, which will allow you to keep your w3af installation updated without any effort. Always get the latest and greatest from our contributors!


Web Application Payloads, for people that enjoy exploitation techniques, this is one of the most interesting things you'll see in web application security! We created various layers of abstraction around an exploited vulnerability in order to be able to write payloads that use emulated syscalls to read, write and execute files on the compromised web server. Keep an eye on this blog for an entry completely dedicated to this subject! 


Download here:
http://sourceforge.net/projects/w3af/files/w3af/w3af%201.0-stable/