Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them.
For downloads and more information, visit the Netsparker homepage.
I used Netsparker community and commercial versions on several penetration testing assignments with very good results. The tool is very easy to set up and use; it displays findings in a nice dashboard, which can also be exported to PDF reports. It's generally free from false positives; however, some vulnerabilities may be overrated depending on the business impact of the target application.