**Burp Suite Professional:** Industry-standard web scanner with active and passive scanning - **OWASP ZAP:** Free, open-source web application scanner - **Acunetix:** Commercial web vulnerability scanner - **Nikto:** Open-source web server scanner (covered in Chapter 10) - **Nuclei:** Template-based