Arachni is a feature-full, modular, high-performance Ruby Framework aimed towards helpingpenetration testers and administrators evaluate the security of web applications. Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process. Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled byArachni.
The author notified us of a major new release (v0.3) which has some great new features, a few of those being:
- A new custom-written, lightweight Spider
- Add-on support for the WebUI
- Improved accuracy of differental analysis audits
- Improved accuracy of timing attack audits
- Highly optimized timing attacks
Read more here: http://arachni.segfault.gr/news
stingedit 