Wapiti
http://sourceforge.net/projects/wapiti/
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... It use the Python programming language.