w3af Logo

w3af

0
Free
Updated 11 March 2025
Vulnerability Management
Appsec
App Security
Vulnerability Scanning
Web App Security
Web Application Security
Penetration Testing
Security Scanning
Visit Website

w3af is an open source web application security scanner that helps developers and penetration testers identify and exploit vulnerabilities in their web applications. The scanner can identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection, and OS commanding. Contributions are welcome, and the project is sponsored by Holm Security for automated vulnerability assessment.

FEATURES

EXPLORE BY TAGS

Appsec

App Security

Vulnerability Scanning

Web App Security

Web Application Security

Penetration Testing

Security Scanning

SIMILAR TOOLS

MetaHub Logo
MetaHub

Automated contextual security findings enrichment and impact evaluation tool for vulnerability management.

Free
Vulnerability Management
OWASP TOP 10 Presentation Logo
OWASP TOP 10 Presentation

A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.

Free
Vulnerability Management
Seemplicity Logo
Seemplicity

A remediation operations platform that streamlines vulnerability management by connecting security findings to fixing teams through automated workflows.

Commercial
Vulnerability Management
dom-red Logo
dom-red

A small script to check a list of domains against open redirect vulnerability

Free
Vulnerability Management
Cybersecurity Evaluation Tool (CSET) Logo
Cybersecurity Evaluation Tool (CSET)

CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.

Free
Vulnerability Management
Acunetix Web Vulnerability Scanner Logo
Acunetix Web Vulnerability Scanner

A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities

Free
Vulnerability Management
AttackSurfaceMapper Logo
AttackSurfaceMapper

Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

Free
Vulnerability Management
Linux Exploit Suggester 2 Logo
Linux Exploit Suggester 2

Next-generation Linux exploit suggester with improved features for finding privilege escalation vulnerabilities.

Free
Vulnerability Management
PayPal Donate Logo
PayPal Donate

Donate to your favorite open-source projects and charities using PayPal

Free
Vulnerability Management

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy