Vega is an open source platform to test the security of web applications. Vega helps you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, uses db4o v8.0 for persistence with a shared data model and runs on Linux, OS X, and Windows.


However the software is more than just a scanner and proxy. It's a platform for developing new types of tests for web applications so it should be interesting for developers since it's extensible and open source, licensed under the EPL (Eclipse Public License) 1.0 which can be combined freely with db4o software thanks to the dOCL.