w3af Review

Having this on a USB drive saved me so many times, and has also proven an easy way to hammer the point home when doing a physical penetration test.

We've been able to do lots of tests and have gotten lots of useful results.

I found it buggy, but it probably takes an expert user who knows programming to work it properly.`

I've used it for one year.

The best free software for pen testing web applications.

Unfortunately, once you get around the seemingly strict set of pre-requisites to install it, it is incredibly buggy. It seems to try to do too many things and be too fancy, but simply isn't useful.

No issues encountered.

It's good.

It's good.

I use many tools, but this one is always the first.

Installation is with some kind of wizard, but the tool is very useful and easy to use. Best choice as a good starting point.

I did it myself from their website.

100%.

We chose this one because it is one of the most powerful web penetration tools.

I tried to install this on numerous systems and eventually, with help, I got it running. It needs far too many dependencies installed and there's too much messing about to be of much use. Once running, it's buggy and begs the question can it be relied upon? Even within Kali it reports website time-outs, yet Zap or Burp are able to do a successful scan. I wanted this to work so much and be able to use it as an additional check of my results but have now binned it.