w3af is an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications. Pull requests are always welcome!