Website security audit tools
Nikto (web application scanner)
Nikto is an open source security scanner which tests web servers for potential vulnerabilities.
shcheck (test HTTP headers of web applications)
Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.
Tulpar (web vulnerability scanner)
Tulpar is a security tool to scan web targets for possible vulnerabilities. It checks a wide range of items and attack types for this particular purpose.
VHostScan (virtual host scanner)
VHostScan is a security tool that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.
WhatWeb (website fingerprinter)
WhatWeb is a security tool written in Ruby to fingerprint web applications. It helps with detecting what software is used for a particular web application.