Evan and I have a web app scanner called Jawfish that (as of this writing) does not work.
It’s never worked. It looks nice, the GUI is fine, but the middleware’s been screwy forever. For the longest time, the repo didn’t even include the requirements.txt file for pip or list the dependencies in the readme. It was a total bane to run in the first place.
Yet, due to some press by LIFARS.com and other outlets, it’s more starred than any of my more useful work on Github.
Even OWASP Benchmark only has 52 stars. The implications of that project are huge and can really advance infosec.