Hello. Can anyone suggest some software that does a good vulnerability scan for a webserver? including a scan looking for vulnerable php and cgi scrpts etc etc? i'd like to use something that keeps an updated database of vulnerable scripts that it scans for. I'd like to find something that also scanned for cross-site scripting!