Application Security Scanning Tools

Posted By admin On 05.05.20

List and Comparison of the Best Vulnerability Analysis and Vulnerability Scanning Tools:

Vulnerability assessment is also termed vulnerability analysis.

Vulnerability analysis is the process of recognizing, categorizing and characterizing security holes (called vulnerabilities) in network infrastructure, computers, hardware systems, software, and so on.

A few examples of such vulnerabilities are a misconfiguration of components in the network infrastructure, a defect or error in an operating system, or any ambiguity in a marketable product.

If vulnerabilities are found as a part of any vulnerability assessment then there is a need for vulnerability disclosure. Generally, such disclosures are carried out by separate teams like Computer Emergency Readiness Team (CERT) or the organization which has discovered the vulnerability.

The above-mentioned vulnerabilities become the main source for malicious activities like cracking the systems, LANs, websites, etc.

To evaluate or assess the security of any network, focus on the following six steps:

  1. Spot and realize the approach of your industry or company like how it is structured and managed.
  2. Trace the systems, data, and applications that are exercised throughout the practice of the business.
  3. Investigate the unseen data sources which can permit simple entry to the protected information.
  4. Classify both the physical and virtual servers that run the necessary business applications.
  5. Track all the existing security measures that are already implemented.
  6. Inspect the network for any vulnerability.

Here is the list of the best vulnerability scanning tools:

  • Netsparker
  • Acunetix
  • Intruder
  • Probely
  • AppTrana
  • ManageEngine Vulnerability Manager Plus
  • OpenVAS
  • Nexpose Community
  • Nikto
  • Tripwire IP360
  • Wireshark
  • Aircrack
  • Nessus Professional
  • Retina CS Community
  • Microsoft Baseline Security Analyzer
  • Secunia Personal Software Inspector

Best Vulnerability Assessment Tools

Here we go!

#1) Netsparker

Netsparker is a dead accurate automated scanner that will identify vulnerabilities such as SQL Injection and Cross-site Scripting in web applications and web APIs.

Netsparker uniquely verifies the identified vulnerabilities, proving they are real and not false positives. Therefore you do not have to waste hours manually verifying the identified vulnerabilities once a scan is finished. It is available as Windows software and as an online service.

#2) Acunetix

Acunetix is a fully automated web vulnerability scanner that detects and reports on over 4500 web application vulnerabilities, including all variants of SQL Injection and XSS.

The Acunetix crawler fully supports HTML5, JavaScript and single-page applications, allowing auditing of complex, authenticated applications.

It bakes advanced vulnerability management features right into its core, prioritizing risks based on data through a single, consolidated view, and integrating the scanner’s results into other tools and platforms.

#3) Intruder

Intruder is a proactive vulnerability scanner that scans you as soon as new vulnerabilities are released. In addition, it has over 10,000 historic security checks, including for WannaCry, Heartbleed and SQL Injection.

Integrations with Slack and Jira help notify development teams when newly discovered issues need fixing, and AWS integration means you can synchronize your IP addresses to scan.

Intruder is popular with startups and medium-sized businesses as it makes vulnerability management easier for small teams.

#4) Probely

Probely scans your web applications to find vulnerabilities or security issues and provides guidance on how to fix them, with developers in mind.

Probely not only features a sleek and intuitive interface but also follows an API-first development approach, providing all features through an API. This allows Probely to be integrated into Continuous Integration pipelines in order to automate security testing.

Probely covers the OWASP Top 10 and thousands more vulnerabilities. It can also be used to check specific PCI-DSS, ISO27001, HIPAA and GDPR requirements.

#5) AppTrana

Company Name: Indusface

AppTrana: Indusface WAS is an automated web application vulnerability scanner that detects and reports vulnerabilities based on OWASP top 10.

The company is headquartered in India with offices in Bengaluru, Vadodara, Mumbai, Delhi, and San Francisco and their services are used by 1100+ customers across 25+ countries globally.

Features

  • New age crawler to scan single page applications.
  • Pause and resume feature
  • Additional manual penetration testing, with the report published in the same dashboard
  • Proof-of-concept request to provide evidence of a reported vulnerability and eliminate false positives
  • Optional integration with the Indusface WAF to provide instant virtual patching with zero false positives
  • Ability to automatically expand crawl coverage based on real traffic data from the WAF systems (in case WAF is subscribed and used)
  • 24×7 support to discuss remediation guidelines and POC
  • Free trial with a comprehensive single scan and no credit card required

#6) ManageEngine Vulnerability Manager Plus

Vulnerability Manager Plus is an on-premise threat and vulnerability management solution that empowers IT administrators and security teams with an integrated console to secure systems and servers across local and remote offices, roaming devices as well as closed network (DMZ) machines.

With Vulnerability Manager Plus, you can:

  • Continuously monitor your network for existing and emerging vulnerabilities.
  • Prioritize vulnerabilities that are more likely to be exploited with a vulnerability assessment.
  • Audit antivirus and firewall protection, and get rid of open shares, unauthorized users, weak passwords, legacy protocols, and other misconfigurations, with Security Configuration Management.
  • Customize and automate patching for Windows, macOS, Linux, and over 250 third-party applications with built-in Patch Management.
  • Safeguard your internet-facing servers from many attack variants, like XSS, clickjacking, and brute-force attacks, with Web Server Hardening.
  • Detect and eliminate unauthorized and unsupported software in your network.

Vulnerability Manager Plus is an easy-to-implement, remotely deployable agent-based software with an intuitive UI that doesn't demand skilled professionals or extensive training.

#7) OpenVAS

From the name itself, we can come to the conclusion that this tool is an open source tool. OpenVAS serves as a central service that provides tools for both vulnerability scanning and vulnerability management.

  • OpenVAS services are free of cost and are generally licensed under GNU General Public License (GPL)
  • OpenVAS supports various operating systems
  • The scan engine of OpenVAS is updated with the Network Vulnerability Tests on a regular basis
  • OpenVAS scanner is a complete vulnerability assessment tool that is used to spot issues related to security in the servers and other devices of the network

You can visit the official website from here and download this tool.

#8) Nexpose Community

The Nexpose vulnerability scanner, an open source tool developed by Rapid7, is used to scan for vulnerabilities and perform various network checks.

  • Nexpose is used to monitor the exposure of vulnerabilities in real time and adapts to new hazards with fresh data
  • Generally, most vulnerability scanners categorize risks using a high, medium or low scale
  • Nexpose considers factors such as the age of the vulnerability, which malware kit is used in it and what advantages are used by it, and fixes the issue based on its priority
  • Nexpose automatically detects and scans new devices and assesses their vulnerabilities when they access the network
  • Nexpose can be integrated with the Metasploit framework

Free trial of this tool is available here

#9) Nikto

Nikto is a widely admired open source web scanner used to assess probable issues and vulnerabilities.

  • Nikto is used to carry out wide-ranging tests on web servers to scan for various items such as hazardous programs or files
  • Nikto is also used to verify whether server versions are outdated, and it checks for any specific problem that affects the server’s functioning
  • Nikto is used to scan various protocols like HTTP, HTTPS, HTTPd etc. Using this tool one can scan multiple ports of a particular server
  • Nikto is not considered a quiet tool. It is used to test a web server in the least possible time

To learn more about this tool, you can visit the official website from here.

#10) Tripwire IP360

Tripwire Inc is an IT Security Company famous for its security configuration management products. Tripwire IP360 is its main vulnerability management product.

  • Tripwire IP360 is the world’s foremost vulnerability assessment solution, used by various agencies and enterprises to manage their security risks
  • Using open standards, Tripwire IP360 enables the integration of risk management and vulnerability management into multiple business processes
  • Tripwire IP360 offers low-bandwidth, non-disruptive and agentless network profiling
  • Using a wide-ranging view of networks, Tripwire IP360 notices all the vulnerabilities, applications, configurations, network hosts etc.

Visit the Tripwire website from here for further details on pricing and other information.

#11) Wireshark

Wireshark is the world’s leading and extensively used network protocol analyzer.

  • Wireshark is used across various sectors like educational institutions, government agencies, and enterprises to look into networks at a microscopic level
  • A notable Wireshark feature is that it captures issues online and performs the analysis offline
  • Wireshark runs on various platforms like Windows, Linux, Mac, and Solaris.
  • Wireshark has the capability of deeply inspecting many protocols
  • In the security practitioner’s toolkit, Wireshark is the most powerful tool

For downloading and further queries or information on this tool, access from here.

#12) Aircrack

Aircrack, also called Aircrack-NG, is a set of tools used to assess WiFi network security.

  • Aircrack focuses on various areas of WiFi security like monitoring packets and data, replay attacks, testing drivers and cards, and cracking.
  • Aircrack is a cracking program that specifically targets WPA-PSK and WEP keys
  • Using Aircrack we can retrieve lost keys by capturing data packets
  • Aircrack tools are also used in network auditing
  • Aircrack supports multiple OSes like Linux, Windows, OS X, Solaris, NetBSD.

Check out the website from here for further information on the Aircrack-NG tool.

#13) Nessus Professional

Nessus is a patented and branded vulnerability scanner developed by Tenable Network Security.

  • This tool has been installed and used by millions of users throughout the world for vulnerability assessment and configuration issues.
  • Nessus is used to protect networks from penetration by hackers by assessing vulnerabilities as early as possible
  • Nessus supports a wide range of OSes, applications, DBs, and many more network devices across cloud infrastructure, physical and virtual networks
  • Nessus is capable of scanning for vulnerabilities which allow remote hacking of sensitive data from a system

For a free trial of this tool and for further information, visit here.

#14) Retina CS Community

Retina CS is an open source, web-based console with which vulnerability management has been centralized and simplified.

  • Using Retina CS for managing network security can save time, cost and effort
  • Retina CS includes automated vulnerability assessment for workstations, DBs, web applications, and servers
  • As it is an open source application, it presents complete support for virtual environments like virtual app scanning, vCenter integration etc.
  • With features like patching, compliance reporting and configuration compliance, Retina CS offers cross-platform vulnerability assessment

Check out the website from here for further information on Retina CS like a free trial, demo etc.

#15) Microsoft Baseline Security Analyzer (MBSA)

Microsoft Baseline Security Analyzer is a free Microsoft tool used to secure a Windows computer based on the guidelines or specifications set by Microsoft.

  • Using MBSA one can advance their security process by investigating a group of computers for any missing updates, misconfiguration, and any security patches etc.
  • Once the scanning of a system is done through MBSA, it presents you with a few solutions or suggestions for fixing the vulnerabilities
  • MBSA can only scan for service packs, security updates and update rollups keeping aside the Optional and Critical updates
  • MBSA is used by small-sized and medium-sized organizations for managing the security of their networks

Access the tool’s website from here.

#16) Secunia Personal Software Inspector

Secunia Personal Software Inspector is a free program used to find the security vulnerabilities on your PC and even fix them quickly.

  • Secunia PSI is easy to use, quickly scans the system, enables the users to download the latest versions etc.
  • Secunia PSI is mainly used to keep all the applications and programs of your PC updated
  • One advantage of using this Secunia PSI is that it automatically scans the systems for updates or patches and installs them
  • Secunia PSI even identifies the insecure programs in your PC and notifies you

Explore the site from here for free download and more features on Secunia Personal Software Inspector.

Additional Vulnerability Assessment Scanning Tools

Below are a few more additional vulnerability tools that are used by a few other organizations.

#17) Nmap

Nmap (Network Mapper) is a free and open source security scanner used to determine hosts and services on a network by building a map of the computer network. It is mainly used for network inventory, security auditing and managing service upgrade schedules. For official website check here.

#18) Metasploit Framework

Metasploit is Rapid7’s penetration testing tool that works very closely with Nexpose. It is an open source framework that validates the vulnerabilities found by Nexpose and strives to patch them. For official website check here.

#19) Veracode

Veracode’s vulnerability scanner is the most widely used and in-demand tool that guards your applications against threats and attacks by conducting a deeper binary analysis. For official website check here.

#20) Nipper Studio

Nipper Studio is an advanced configuration tool used for security auditing. Using Nipper Studio one can quickly scan the networks for vulnerabilities through which they can secure their networks and avert the attacks within minutes. For official website check here.

#21) GFI LanGuard

GFI LanGuard is an easy-to-use administration tool for securing, condensing IT tasks, troubleshooting the networks against vulnerabilities. This tool is used in patch management, network discovery, Port scanning and network auditing, etc. For official website check here.

#22) Core Impact

Core Impact is an industry-leading framework used in vulnerability management activities like vulnerability scanning, penetration security testing, etc. Using Core Impact we can allow simulated attacks across mobiles, web, and networks. For official website check here.

#23) Qualys

Vulnerability management using Qualys helps in identifying and addressing security threats through cloud-based solutions. Even the network auditing can be automated using Qualys. For official website check here.

#24) SAINT

SAINT (Security Administrator’s Integrated Network Tool) is used to scan computer networks for vulnerabilities and to exploit those vulnerabilities. SAINT can even categorize and group the vulnerabilities based on their severity and type. For official website check here.

#25) Safe3 Web Vulnerability Scanner

Safe3WVS is the most dominant and fast vulnerability scanner that uses web spider technology. This tool removes the repeated pages while scanning which makes it a fast scanning tool. For official website check here.

#26) WebReaver

WebReaver is a security scanning tool for the Mac operating system. It is a well-designed, simple, easy-to-use, automated web application security scanning tool. WebReaver is powered by Web security. For official website check here.

#27) Beyond Security's AVDS appliance

AVDS is a vulnerability assessment tool used to scan the networks with a large number of nodes like 50 to 2,00,000. With this tool, each and every node is tested according to its characteristics and the respective report with its responses is generated. For official website check here.

#28) AppScan

AppScan is powered by IBM Security for static and dynamic security auditing of applications throughout their lifecycle. This tool is generally used to scan web and mobile applications before the deployment phase. For official website check here.

#29) Clair

Clair is an open source program for automatic container vulnerability scanning and static analysis of vulnerabilities in apps and Docker containers. For official website check here.

#30) OWASP Zed Attack Proxy

OWASP Zed Attack Proxy (ZAP) is the trendiest, most admired, free and automatic security tool used for finding vulnerabilities in web applications during their development and testing stages. It is also used in manual security testing by pentesters. For official website check here.

#31) Burp Suite Free Edition

Burp Suite Free Edition is an open source, complete software toolkit used to execute manual security testing of web applications. Using this tool the data traffic between the source and the target can be inspected and browsed. For official website check here.

Conclusion

This article provides a list of the best vulnerability assessment tools, with which the security of web applications, computer networks, and networks among organizations can be audited and protected from threats and malware.

Using such assessment tools, one can identify the weaknesses in a personal or official network and safeguard it from viruses and disasters.

In the past, many popular websites have been hacked. Hackers are now active and always try to hack websites and leak data. This is why security testing of web applications is very important. And here comes the role of web application security scanners. Web Application Security Scanner is a software program which performs automatic black box testing on a web application and identifies security vulnerabilities. Scanners do not access the source code, they only perform functional testing and try to find security vulnerabilities.

Various paid and free web application vulnerability scanners are available. In this post, we are listing the best free open source web application vulnerability scanners. I am adding the tools in random order. So please do not think it is a ranking of tools.

I am only adding open source tools which can be used to find security vulnerabilities in web applications. I am not adding tools to find server vulnerabilities. And do not confuse free tools with open source tools, because there are various other tools available for free that do not provide source code to other developers. Open source tools are those which offer source code to developers so that developers can modify the tool or help in further development.

These are the best open source web application penetration testing tools:

1. Grabber

Grabber is a nice web application scanner which can detect many security vulnerabilities in web applications. It performs scans and tells where the vulnerability exists. It can detect the following vulnerabilities:

  • Cross site scripting
  • SQL injection
  • Ajax testing
  • File inclusion
  • JS source code analyzer
  • Backup file check

It is not fast as compared to other security scanners, but it is simple and portable. This should be used only to test small web applications because it takes too much time to scan large applications.

This tool does not offer any GUI interface. It also cannot create any PDF report. This tool was designed to be simple and for personal use. You can try this tool just for personal use. If you are thinking of it for professional use, I will never recommend it.

This tool was developed in Python, and an executable version is also available if you want. Source code is available, so you can modify it according to your needs. The main script is grabber.py, which once executed calls other modules like sql.py, xss.py or others.

Download it here: http://rgaucher.info/beta/grabber/

Source code on Github: https://github.com/neuroo/grabber

2. Vega

Vega is another free open source web vulnerability scanner and testing platform. With this tool, you can perform security testing of a web application. This tool is written in Java and offers a GUI based environment. It is available for OS X, Linux and Windows.

It can be used to find SQL injection, header injection, directory listing, shell injection, cross site scripting, file inclusion and other web application vulnerabilities. This tool can also be extended using a powerful API written in JavaScript.

While working with the tool, it lets you set a few preferences like total number of path descendants, number of child paths of a node, depth and maximum number of request per second. You can use Vega Scanner, Vega Proxy, Proxy Scanner and also Scanner with credentials. If you need help, you can find resources in the documentation section:

Documentation: https://subgraph.com/vega/documentation/index.en.html

Download Vega: https://subgraph.com/vega/

3. Zed Attack Proxy

Zed Attack Proxy is also known as ZAP. This tool is open source and is developed by OWASP. It is available for Windows, Unix/Linux and Macintosh platforms. I personally like this tool. It can be used to find a wide range of vulnerabilities in web applications. The tool is very simple and easy to use. Even if you are new to penetration testing, you can easily use this tool to start learning penetration testing of web applications.

These are the key functionalities of ZAP:

  • Intercepting Proxy
  • Automatic Scanner
  • Traditional but powerful spiders
  • Fuzzer
  • Web Socket Support
  • Plug-n-hack support
  • Authentication support
  • REST based API
  • Dynamic SSL certificates
  • Smartcard and Client Digital Certificates support

You can either use this tool as a scanner by inputting the URL to perform scanning, or you can use this tool as an intercepting proxy to manually perform tests on specific pages.

Download ZAP : https://github.com/zaproxy/zaproxy

4. Wapiti

Wapiti is also a nice web vulnerability scanner which lets you audit the security of your web applications. It performs black-box testing by scanning web pages and injecting data. It tries to inject payloads and see if a script is vulnerable. It supports both GET and POST HTTP attacks and detects multiple vulnerabilities.

It can detect following vulnerabilities:

  • File Disclosure
  • File inclusion
  • Cross Site Scripting (XSS)
  • Command execution detection
  • CRLF Injection
  • SQL Injection and XPath Injection
  • Weak .htaccess configuration
  • Backup files disclosure
  • and many other

Wapiti is a command-line application. So, it may not be easy for beginners. But for experts, it will perform well. For using this tool, you need to learn lots of commands which can be found in official documentation.

Download Wapiti with source code: http://wapiti.sourceforge.net/

5. W3af

W3af is a popular web application attack and audit framework. This framework aims to provide a better web application penetration testing platform. It is developed using Python. By using this tool, you will be able to identify more than 200 kinds of web application vulnerabilities including SQL injection, Cross-Site Scripting and many others.

It comes with a graphical and console interface. You can use it easily by using its easy to understand interface.

If you are using it with Graphical Interface, I do not think that you are going to face any problem with the tool. You only need to select the options and then start the scanner. If a website needs authentication, you can also use authentication modules to scan the session-protected pages.

We have already covered this tool in detail in our previous W3af walkthrough series. You can read those articles to know more about this tool.

You can access source code at the Github repository: https://github.com/andresriancho/w3af/

Download it from the official website: http://w3af.org/

6. WebScarab

WebScarab is a Java-based security framework for analyzing web applications using the HTTP or HTTPS protocol. With available plugins, you can extend the functionality of the tool. This tool works as an intercepting proxy, so you can review the requests and responses coming to your browser and going to the server. You can also modify a request or response before it is received by the server or browser.

If you are a beginner, this tool is not for you. This tool was designed for those who have a good understanding of HTTP protocol and can write codes.

WebScarab provides many features which help penetration testers work closely on a web application and find security vulnerabilities. It has a spider which can automatically find new URLs of the target website. It can easily extract scripts and HTML of the page. The proxy observes the traffic between the server and your browser, and you can take control of the request and response by using available plugins. Available modules can easily detect most common vulnerabilities like SQL injection, XSS, CRLF and many other vulnerabilities.

Source code of the tool is available on Github: https://github.com/OWASP/OWASP-WebScarab

Download WebScarab here: https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

7. Skipfish

Skipfish is also a nice web application security tool. It crawls the website, then checks each page for various security threats, and at the end prepares the final report. This tool was written in C. It is highly optimized for HTTP handling and uses minimal CPU. It claims that it can easily handle 2000 requests per second without adding a load on CPU. It uses a heuristic approach while crawling and testing web pages. This tool also claims to offer high quality and fewer false positives.

This tool is available for Linux, FreeBSD, MacOS X and Windows.

Download Skipfish or code from Google Code: http://code.google.com/p/skipfish/

8. Ratproxy

Ratproxy is also an open source web application security audit tool which can be used to find security vulnerabilities in web applications. It supports Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

This tool is designed to overcome the problems users usually face while using other proxy tools for security audits. It is capable of distinguishing between CSS stylesheets and JavaScript codes. It also supports SSL man in the middle attack, which means you can also see data passing through SSL. You can read more about this tool here: http://code.google.com/p/ratproxy/wiki/RatproxyDoc

Download http://code.google.com/p/ratproxy/

9. SQLMap

SQLMap is another popular open source penetration testing tool. It automates the process of finding and exploiting SQL injection vulnerability in a website’s database. It has a powerful detection engine and many useful features. So, a penetration tester can easily perform SQL injection check on a website.

It supports a range of database servers including MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB. It offers full support for 6 kinds of SQL injection techniques: time-based blind, boolean-based blind, error-based, UNION query, stacked queries and out-of-band.

Access the source code on Github repository: https://github.com/sqlmapproject/sqlmap

Download SQLMap here: https://github.com/sqlmapproject/sqlmap

10. Wfuzz

Wfuzz is another freely available open source tool for web application penetration testing. It can be used to brute force GET and POST parameters for testing against various kinds of injections like SQL, XSS, LDAP and many others. It also supports cookie fuzzing, multi-threading, SOCK, Proxy, Authentication, parameters brute forcing, multiple proxy and many other things. You can read more about the features of the tool here: http://code.google.com/p/wfuzz/

This tool does not offer a GUI interface, so you will have to work on command line interface.

Download Wfuzz from code.google.com: http://code.google.com/p/wfuzz/

11. Grendel-Scan

Grendel-Scan is another nice open source web application security tool. This is an automatic tool for finding security vulnerabilities in web applications. Many features are also available for manual penetration testing. This tool is available for Windows, Linux and Macintosh. This tool was developed in Java.

Download the tool and source code: http://sourceforge.net/projects/grendel/

12. Watcher

Watcher is a passive web security scanner. It does not attack with loads of requests or crawl the target website. It is not a separate tool but is an add-on of Fiddler. So you need to first install Fiddler and then install Watcher to use it.

It quietly analyzes the request and response from the user-interaction and then makes a report on the application. As it is a passive scanner, it will not affect the website’s hosting or cloud infrastructure.

Download watcher and its source code: http://websecuritytool.codeplex.com/

13. X5S

X5s is also a Fiddler add-on which aims to provide a way to find cross-site scripting vulnerabilities. This is not an automatic tool. So, you need to understand how encoding issues can lead to XSS. You need to manually find the injection point and then check where XSS can be in the application.

We have covered the X5S in a previous post. So, you can refer to that article to read more about X5S and XSS.

Download X5S and source code from codeplex: http://xss.codeplex.com/

You can also refer to this official guide to know how to use X5S: http://xss.codeplex.com/wikipage?title=tutorial

14. Arachni

Arachni is an open source tool developed for providing a penetration testing environment. This tool can detect various web application security vulnerabilities. It can detect various vulnerabilities like SQL Injection, XSS, Local File inclusion, remote file inclusion, unvalidated redirect, and many others.

Download this tool here: http://www.arachni-scanner.com/

Final Word

These are the best open source web application security testing tools. I tried my best to list all the tools available online. If a tool was not updated for many years, I did not mention it here. Because if a tool is more than 10 years old, it can create compatibility issues in the recent environment. If you are a developer, you can also join the developers’ community of these tools and help these tools to grow. By helping these tools, you will also increase your knowledge and expertise.

If you want to start penetration testing, I will recommend using Linux distributions which have been created for penetration testing. These environments are backtrack, gnacktrack, backbox and blackbuntu. All these tools come with various free and opensource tools for website penetration testing. So, you can go with those environments.

If you think I forgot to mention an important tool, you can drop a comment and I will try to add it.
