Web Application Source Vulnerability Scanners

["Rosado, Rafael (Rafael)" <rarosado () lucent com>]

Does anyone know of open source vulnerability scanners in the Web
Application Source Code security market segment?  I am familiar and aware of
the most common commercial tools (AppScan from Sanctum and WebInspect from
SpiDymanics).  The Open Web Application Application Security Project (OWASP)
has started the development of an open source Weeb Application Vulnerability
scanner called WebScarab, however, it is in the early stages of development.

Any assistance on indentifying specific open source tools (names and web
sites were to download) are greatly appreciated. 

Rafael Rosado, CISSP, CISA
IT Security Manager
Caribbean and Latin America Region (CALA) &
Global Risk Assessment and Penetration Testing
Lucent Technologies O  
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 
2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027 
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) * 
+1 954-648-3532 (mobile) or 9546483532 () mobile att net (text message) *
rarosado () lucent com (email) *

This electronic mail message contains information belonging to Lucent
Technologies, which may be confidential and/or legal privileged. The
information is intended only for the use of the individual or entity named
above. If you are not the intended recipient, you are hereby notified that
any disclosure, printing, copying, distribution, or the taking of any action
in reliance on the contents of this electronically mailed information is
strictly prohibited. If you receive this message in error, please
immediately notify us by electronic mail and delete this message.