w3af is web application audit framework that scans web-based applications for security issues. Along with the Vulnerability Scanner, w3af provides tools to exploit ill intentions of web applications. w3af's framework also includes 2 plugins that can be used to find vulnerabilities, audit, and analyze web applications.
Qualys Community EditionVulnerability Assessment
Qualys Community Edition is a free version of Qualys Vulnerability Scanner Tool. The tool automatically updates with knowledge of the latest vulnerabilities. It includes the ability to asses 16 internal assets and 3 external assets with the toll. Included in the version is 1 Virtual Network Scanner and 1 Web Application Scanner. The tool also provides an overview of scan results and can be assessed from anywhere.
Open Vulnerability Assessment System (OpenVAS) is a powerful vulnerability scanner that tests and scans all types of servers and networks for security issues. This product is an open source framework that includes several vulnerability scanning tools. Features included in OpenVAS include unauthenticated testing, authenticated testing, internet and industrial protocols, and performance tuning for larger scans.
Nikto is a scanning tool for web servers. It can test web servers for over six thousand malicious files or programs. It also reviews installed software to see which ones are out of date. Nikto also has the capability to review server configurations, scan index files, and identify installed web servers and software.
Microsoft Security Compliance Toolkit 1.0Vulnerability Assessment
Microsoft's Security Compliance Toolkit of SCT is a package of tools for the latest versions of Windows operating systems. The tools allow administrators to easily set Microsoft-recommended security configurations as a baseline for all Windows and Microsoft operating systems and programs. Using the toolkit, administrators can review their Group Policy Objects (GPOs) and compare them to Microsoft recommendations. They can also review other configurations, edits, and store GPO backup files.