原贴:
http://sectools.org/web-scanners.html
Nikto : A more comprehensive web scanner
Paros proxy : A web application vulnerability assessment proxy
WebScarab : A framework for analyzing applications that communicate using the HTTP and HTTPS protocols (只是帮助记录HTTP报文信息,并非真正的漏洞扫描)
WebInspect : A Powerful Web Application Scanner (非免费)
Whisker/libwhisker : Rain.Forest.Puppy’s CGI vulnerability scanner and library (被Nikto集成了)
Burpsuite : An integrated platform for attacking web applications (非免费)
Wikto : Web Server Assessment Tool (要注册才能下载)
Acunetix WVS : Commercial Web Vulnerability Scanner (非免费)
Rational AppScan : Commercial Web Vulnerability Scanner (非免费)
N-Stealth : Web server scanner (非免费)