• W3af

    Web application attack and audit framework, the open source web vulnerability scanner.

  • Wapiti

    Web vulnerability scanner written in Python3. Wapiti is an open-source web application vulnerability scanner. It is designed to identify security vulnerabilities in web applications by analyzing their source code and detecting potential issues such as SQL injection, cross-site scripting (XSS), and other common web application security flaws. Wapiti helps security professionals and developers assess the security posture of web applications and address potential vulnerabilities.

  • WebScarab

    A free and open-source web application vulnerability testing tool. WebScarab is written in Java and offers a modular set of interface components that users can swap in and out.

  • WeirdAAL

    An AWS attack library. It’s designed to identify security misconfigurations and potential vulnerabilities within an Active Directory infrastructure.

  • Xray

    A passive-vulnerability-scanner Tool.

  • Zed Attack Proxy

    A free and open-source web application security scanner and testing tool. ZAP provides features for automating web security and offers an extensive library of community add-ons.