In the following pages, we will look at some tools focused on vulnerabilities in an automated way. They can save time and are perfect for so-called juicy bugs, such as XSS, SQL injections, cross-site request forgery (CSRF), and other kinds of injections.
Websecurity (https://www.websecurify.com/) started as a normal web vulnerability scanner. It was very useful when the first application of AJAX started to appear in the world. Initially, it started as an open-source project, but recently, the company closed the code and released it as a commercial product. Currently, Websecurify does not exist anymore; it was changed to a product called SECAPPS, which is a web security scanner on demand, that you can open in your web browser. There is a free version, limited to some geolocations from where you execute the scanner, but annoyingly it nags you to buy the product:
Acunetix (https://www.acunetix.com/) is a vulnerability...