Web application vulnerability scanning

A web application scanner explores a web application by crawling through its web pages and examines it for security vulnerabilities by generating malicious inputs and evaluating application responses.

  • OWASP Zed can help find security vulnerabilities in web applications while developing and testing applications. Its also a great tool for experienced pentesters to use for manual security testing.
  • Nikto and Wikto (nikto for windows)