Arachni is a web application security scanner designed to help organizations identify and address potential security vulnerabilities in their web applications. It is a free, open source tool that is used to detect and identify known and unknown vulnerabilities in web applications. It is designed to audit both the server-side and client-side components of a web application, and can detect a variety of issues from SQL injection to Cross-Site Scripting (XSS). It also has the ability to detect security misconfigurations and vulnerabilities in the underlying operating system and application frameworks. Arachni is capable of automating the process of exploiting web application vulnerabilities and can generate detailed reports on the findings. It can also be used to benchmark web applications in order to provide a baseline for security testing.
Skipfish is no longer maintained. The latest version, 2.10 beta, released in December 2012, can still be downloaded from Google Code Archive.