w3af, is a Web Application Attack and Audit Framework. The framework and the plugins are fully written in python. Each plugin will add a functionality like cross site scripting detection or SQL injection exploitation.
67d891aa6500e7df47db2f09f38d9e2c51954964e0f2cf5cf740433665379e95