Script to audit web applications - Perl
Features and changes made in lilith

got rid of many many false positives (that’s good)
when SQL error is found, it now goes onto next var
improved (i hope) scanning engine
(anti) coldfusion support
better cookie handling and cookie tampering
omitted perl HTML::Form limitation
better verbose output
extensive logging
detects directory indexing
recursive URL dissection
cleaned up this pasta code

Download
http://michaelhendrickx.com/wp-content/uploads/2008/11/lilith-06atar.gz