I am trying to find an open source tool to scan for XSS and SQL vulnerabilities in our web application. There are many tools available. Please give feedback if you all have tried following tools OR If you know better open source tool. (Tool should support PHP)
4. Netsparker (community version )
6. SQL power Injector
I tried Netsparker but there is a error shown when running saying SQL Compact version 3.5 is needed. And I cannot install SQL Compact version 3.5 in Windows XP.