Wapiti : Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the applica...
Run your own identity server : Running your own identity server allows you to act as an OpenID Provider. You could run one just for yourself, for a community of users or, if you wis...
Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...
OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...