The W3AF, is a Web Application Attack and Audit Framework. The W3AF core and it's plug-ins are fully written in python. The project has more than 130 plug-ins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

This is a companion discussion topic for the original entry at https://copr.fedorainfracloud.org/coprs/jjelen/w3af/