1.Netsparker Community Edition (Windows)
This program can detect SQL injection and cross-page scripting events. It will provide you with some solutions when the test is complete.
2.Websecurify (Windows, Linux, Mac OS X)
This is an easy-to-use open source tool, and there are some people plug-in support that can automatically detect Web page vulnerabilities . Test reports can be generated in multiple formats after running.
3.Wapiti (Windows, Linux, Mac OS X)
This is an open source tool written in Python that detects Web applications and probes the points of injection that exist in a Web page.
4.n-stalker free Version (Windows)
This tool can detect more than 100 pages at a time, including cross-page scripting.
5.skipfish (Windows, Linux, Mac OS X)
This is a lightweight security testing tool that handles up to 2000 requests per second in a fast process.
6.SCRAWLR (Windows)
A free software from HP to detect SQL injection vulnerabilities.
7.Watcher (Windows)
This is a fiddler plugin that can be run silently in the background, detect cross-domain commits, and so on.
8.x5s (Windows)
The same is also the Fiddler plug-in, used to detect the existence of XSS vulnerability, in the Web page provided to the user input of the filter <,, > and other characters.
9.exploit-me (Windows, Linux, Mac OS X)
This is the Firefox plug-in, by Xss-me,sql Inject Me and Access-me These 3 components, when browsing the web will start detection, can detect XSS vulnerability, SQL injection vulnerability.
10.WebScarab (Windows, Linux, Mac OS X)
This is actually a proxy software, there are many functions, you can detect XSS cross-site scripting vulnerabilities, SQL injection vulnerabilities and so on.
11.Acunetix free Version (Windows)
This is a free version, there are some feature limitations relative to the pro version, but can still be used to detect XSS vulnerabilities on the site.
This article is from "Ghost" blog, please make sure to keep this source http://fangwei009.blog.51cto.com/5234706/1944519
11 Free web security testing tools