w3af is a web application assault and audit framework. It's got a few different types of plugins; discovery, audit and attack that communicate with each other for virtually any vulnerabilities in web page, one example is a discovery plugin in w3af seems for various url’s to check for vulnerabilities and ahead it for the audit plugin which then ta