Web application scanners

Tools

Nikto (web application scanner)

Nikto is an open source security scanner which tests web servers for potential vulnerabilities.

» Nikto review and details

Spaghetti (web vulnerability scanner)

Spaghetti is a web vulnerability scanner to find flaws in common web applications and frameworks. It can perform fingerprinting and vulnerability discovery.

» Spaghetti review and details

Wapiti (vulnerability scanner for web applications)

Wapiti is a security tool to perform vulnerability scans on web applications. It uses fuzzing to detect known and unknown paths, among other tests.

» Wapiti review and details

WhatWeb (website fingerprinter)

WhatWeb is a security tool written in Ruby to fingerprint web applications. It helps with detecting what software is used for a particular web application.

» WhatWeb review and details