This incredible framework automates many of the tasks that had previously been done manually. Fully extensible and open source w3af uses a myriad of plugins to provide a fully customizable testing experience. The authors of the tool created it to be very user friendly for those new at testing as well as those who are expert penetration testers.
If the plugin you need is not already available, then simply create it yourself and save tons of time on all future tests. The w3af is constantly updated and improved. The plugin types that w3af includes cover discovery, brute forcing, auditing, and even evasion. The framework also includes auto update features to ensure that you always have the latest and greatest installed and ready to run. Learn more about this tool at http://w3af.org/.
As expected, the Kali development team has a preinstalled w3af. Open up your Kali virtual machine and select Applications | Web Application Analysis | w3afgui to...