
Accepted Solutions

WebInspect automatically scans Flash, and will in fact download SWF files and scan them statically for vulnerabilities during a standard (dynamic) web site or web services (SOAP) scan. This is enabled On by default under the Edit menu > Default Scan Settings > Content Analyzers panel > Flash (On or Off).
From the Help (F1): "If you enable the Flash analyzer, WebInspect analyzes Flash files, Adobe's vector graphics-based resizable animation format." If you highlight a SWF file in the Site Tree pane, WebInspect will display it as HTML and not binary data (mentioned in the Help). Note also that SWF files and JavaScript include files are not subject to the Requestor scan settings for "Limit maximum response size to ___".
If you Search within the included Policy Manager tool for checks with the name "flash", you will see many of the items that would show up when scanning a SWF file.
When recording a (Login) Web Macro against Flash, you may be forced to use the TruClient, Mozilla-based rendering engine. I believe the Help guide (see "Unsupported Elements") mentions that the IE-based engine cannot handle select technologies such as Flash.
The advent of this capability was a freeware, proof-of-concept tool SPI Dynamics (pre-HP/HP) had released called SWFscan, which can still be found within WebInspect's Tools menu. Once we sorted out the capability, it was added to the standard scan and so the tool is hardly ever used now.
-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify

Thank you Hans. You are always helpful.