WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.
It aims to become a tool that may be used automatically or interactively to test web applications for their security. WebScarab is written in 100% pure java and designed using a fairly clean set of interfaces to allow for removal and substitution of existing components, or addition of new analysis systems.
Download Link:- https://github.com/OWASP/OWASP-WebScarab