Out of all security scanners, w3af easily offers the best user-friendly interface with maximum amount of powerful execution. w3af’s official website explains their tool as:
“[w3af] is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. Use w3af to identify more than 200 vulnerabilities and reduce your site’s overall risk exposure. Identify vulnerabilities like SQL Injection, Cross-Site Scripting, Guessable credentials, Unhandled application errors and PHP misconfigurations.”