w3af (Web Application Attack and Audit Framework) is an open-source web application security scanner and exploitation tool. It identifies almost all web vulnerabilities.
w3af is consist of into two main parts:
- It coordinates the process and provides features to plugins
- Plugins find vulnerabilities and exploit them.
- They communicate with each other.
In w3af, there are different types of plugins.
- Brute force