w3af is a web application assault and audit framework. It has a few kinds of plugins; discovery, audit and attack that talk to one another for just about any vulnerabilities in web-site, one example is a discovery plugin in w3af seems for different url’s to test for vulnerabilities and forward it to the audit plugin which then works by using thes