w3af w3af: web application attack and audit framework, the open source web vulnerability scanner. The same project with minor changes to some plugins and the http_request_parser module.