W3af is an extremely popular, powerful, and flexible framework for finding and exploiting web application vulnerabilities. It is easy to use and extend and features dozens of web assessment and exploitation plugins. In some ways it is like a web-focused Metasploit.
For downloads and more information,
visit the w3af homepage.
The best free software for pentesting web applications.
Your comment
Along with your rating, you can use the comment form to post a review,
tutorial, tips and tricks, or anything else others will find useful.
If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).
Couldn't use it because I couldn't open the GUI, installed everything but no idea how to open the GUI >.< I tried lol.
one of the most powerful web penetration tools.
great
very powerful tool in the hands of the right ppl. here is their twitter if you wanna follow them for updates http://twitter.com/#!/w3af
w00t! We made it to the list! Thanks for everybody who voted for us and the community effort behind each line of code :)
[Moderator note: 5-star rating removed from this review since it is by tool author]
The best free software for pentesting web applications.