Web Application Source Vulnerability Scanners

Does anyone know of open source vulnerability scanners in the Web Application Source Code security market segment? I am familiar and aware of the most common commercial tools (AppScan from Sanctum and WebInspect from SpiDymanics). The Open Web Application Application Security Project (OWASP) has started the development of an open source Weeb Application Vulnerability scanner called WebScarab, however, it is in the early stages of development.

Any assistance on indentifying specific open source tools (names and web sites were to download) are greatly appreciated.

Rafael Rosado, CISSP, CISA
IT Security Manager
Caribbean and Latin America Region (CALA) & Global Risk Assessment and Penetration Testing Lucent Technologies O
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) *
+1 954-648-3532 (mobile) or 9546483532@mobile.att.net (text message) *
rarosado@lucent.com (email) *

This electronic mail message contains information belonging to Lucent Technologies, which may be confidential and/or legal privileged. The information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, printing, copying, distribution, or the taking of any action in reliance on the contents of this electronically mailed information is strictly prohibited. If you receive this message in error, please immediately notify us by electronic mail and delete this message. Received on Thu Feb 27 14:37:45 2003