w3af (Web Application Attack and Audit Framework)
is a framework for finding and exploiting Web
application vulnerabilities. It is easy to use and
extend. The project has more than 125 plugins
which check for SQL injection, cross site
scripting (XSS), remote file inclusion, and more.
