Arachnarium is a plug-and-play benchmark framework for crawlers that can run experiments at scale against both local, standalone web applications and live websites.
JAW is a scalable framework to analyze client-side JavaScript programs. JAW can be used to conduct interactive and exploratory analysis of JavaScript code.
Deemon detects CSRF in PHP/SQL web applications by combining dynamic analysis with property graphs.
Guenther tests web applications against Server Side Request (SSR) abuse including Web Origin Laundering, Server Side Request Forgery (SSRF) and other abuses.