w3af is a web application attack and audit framework. It's got 3 forms of plugins; discovery, audit and attack that communicate with each other for almost any vulnerabilities in web page, as an example a discovery plugin in w3af appears for various url’s to check for vulnerabilities and ahead it into the audit plugin which then utilizes these URL