The Nessus scanner supports a plugin architecture that allows anyone to develop security checks in NASL (the Nessus Attack Scripting Language). We have contributed the plugins below to the Nessus effort.
If you have not yet used Nessus, it is worth the time to check it out, as it beats the commercial scanners hands-down.
Netscape /.perf Accessible
(by Sullo) This plugin requests the /.perf URI from web servers and determines if it is revealing detailed system information.
NTP Read Variables
(by David) This plugin checks for NTP on the remote server and determines if it freely gives unnecessary information to remote systems.
Cross Site Scripting
(by Sullo, now replaced by Tenable) This plugin checks web servers to see if they are vulnerable to cross-site scripting (XSS) problems. Unlike previous plugins, this one checks multiple file extensions that may affect multiple different web servers.