The Best 17 w3af Alternatives

  • Burp Suite

    Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing...

    Freemium Mac OS X Windows Linux BSD

  • Nikto

    Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and...

    Free Open Source Mac OS X Windows Linux

  • Zed Attack Proxy

    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

    Free Open Source Mac OS X Windows Linux

  • skipfish

    A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

    Free Open Source Mac OS X Windows Linux BSD

  • SHODAN

    SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

    Free Web

  • Acunetix

    Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free...

    Commercial Windows Web Wordpress

  • Intruder

    Intruder is a security monitoring platform for internet-facing systems.

    Commercial Web

  • Netsparker

    Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could...

    Commercial Windows

  • IronWASP

    IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing.

    Free Open Source Mac OS X Windows Linux

  • Websecurify

    Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    Commercial Mac OS X Windows Linux

  • wapiti

    Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

    Free Open Source Windows Linux

  • Arachni

    Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of...

    Free Open Source Mac OS X Windows Linux

  • SecApps

    Find security vulnerabilities right from your browser. Experience the next generation security tools without the need to install any additional software.

    Freemium Mac OS X Windows Linux Chrome OS Web

  • Golem Security Scanner

    Golem Security Scanner is a powerful and intuitive website security scanner which uses a combination of proprietary and open source scanners to maximize the scan...

    Freemium Web

  • Ammonite

    Ammonite is a web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command injection, cross-site...

    Commercial Windows Fiddler