[Repost] Web Security Tool Collection
Posted: 2010-4-13 08:16 12137

LiveCDs
Monday, January 29, 2007 4:02 PM 828569600 AOC_Labrat-ALPHA-0010.iso
DVL (Damn Vulnerable Linux)

Test sites / testing grounds
SPI Dynamics (live)
Cenzic (live)
Watchfire (live)
Acunetix (live)
WebMaven / Buggy Bank
Foundstone SASS tools
Updated HackmeBank
OWASP WebGoat
OWASP SiteGenerator
Stanford SecuriBench
SecuriBench Micro

HTTP proxying / editing
WebScarab
Burp
Paros
Fiddler
Web Proxy Editor
Pantera
Suru
httpedit (curses-based)
Charles
Odysseus
Burp, Paros, and WebScarab for Mac OS X
Web-application scanning tool from "Network Security Tools" (O'Reilly)
JS Commander
Ratproxy

RSnake's XSS cheat sheet-based tools, webapp fuzzing, and encoding tools
Wfuzz
ProxMon
Wapiti
Grabber
XSSScan
CAL9000
HTMangLe
JBroFuzz
XSSFuzz
WhiteAcid's XSS Assistant
Overlong UTF
[TGZ] MielieTool (SensePost Research)
RegFuzzer: test your regular expression filter
screamingCobra
SPIKE and SPIKE Proxy
RFuzz
WebFuzz
TestMaker
ASP Auditor
WSTool
Web Hack Control Center (WHCC)
Web Text Converter
HackBar (Firefox Add-on)
Net-Force Tools (NF-Tools, Firefox Add-on)
PostIntercepter (Greasemonkey script)

HTTP general testing / fingerprinting
Wbox: HTTP testing tool
ht://Check
Mumsie
WebInject
Torture.pl Home Page
JoeDog's Siege
OPEN-LABS: metoscan (http method testing)
Load-balancing detector
HMAP
Net-Square: httprint
Wpoison: http stress testing
Net-square: MSNPawn
hcraft: HTTP Vuln Request Crafter
rfp.labs: LibWhisker
Nikto
twill
DirBuster
[ZIP] DFF Scanner
[ZIP] The Elza project
HackerFox and Hacking Addons Bundled: Portable Firefox with web hacking addons bundled

Browser-based HTTP tampering / editing / replaying
TamperIE
isr-form
Modify Headers (Firefox Add-on)
Tamper Data (Firefox Add-on)
UrlParams (Firefox Add-on)
TestGen4Web (Firefox Add-on)
DOM Inspector / Inspect This (Firefox Add-on)
LiveHTTPHeaders / Header Monitor (Firefox Add-on)

Cookie editing / poisoning
[TGZ] stompy: session id tool
Add'N Edit Cookies (AnEC, Firefox Add-on)
CookieCuller (Firefox Add-on)
CookiePie (Firefox Add-on)
CookieSpy
Cookies Explorer

Ajax and XHR scanning
Sahi
scRUBYt
jQuery
jquery-include
Sprajax
Watir
Watij
Watin
RBNarcissus
SpiderTest (Spider Fuzz plugin)
Javascript Inline Debugger (jasildbg)
Firebug Lite
firewaitr

RSS extensions and caching
LiveLines (Firefox Add-on)
rss-cache

SQL injection scanning
0x90.org: home of Absinthe, Mezcal, etc
SQLiX
sqlninja: a SQL Server injection and takeover tool
JustinClarke's SQL Brute
BobCat
sqlmap
Scully: SQL Server DB Front-End and Brute-Forcer
FG-Injector
PRIAMOS

Web application security malware, backdoors, and evil code
W3AF: Web Application Attack and Audit Framework
Jikto
XSS Shell
XSS-Proxy
AttackAPI
FFsniFF
HoneyBlog's web-based junkyard
BeEF
Firefox Extension Scanner (FEX)
What is my IP address?
xRumer: blogspam automation tool
SpyJax
Greasecarnaval
Technika
Load-AttackAPI bookmarklet
MD's Projects: JS port scanner, pinger, backdoors, etc

Web application services that aid in web application security assessment
Netcraft
AboutURL
The Scrutinizer
net.toolkit
ServerSniff
Online Microsoft script decoder
Webmaster-Toolkit
myIPNeighbors, et al
PHP charset encoding
data: URL testcases

Browser-based security fuzzing / checking
Zalewski's MangleMe
hdm's tools: Hamachi, CSSDIE, DOM-Hanoi, AxMan
Peach Fuzzer Framework
TagBruteForcer
PROTOS Test-Suite: c05-http-reply
COMRaider
bcheck
Stop-Phishing: Projects page
LinkScanner
BrowserCheck
Cross-browser Exploit Tests
Stealing information using DNS pinning demo
Javascript Website Login Checker
Mozilla Activex
Jungsonn's Black Dragon Project
Mr. T (Master Recon Tool, includes Read Firefox Settings PoC)
Vulnerable Adobe Plugin Detection For UXSS PoC
About Flash: is your flash up-to-date?
Test your installation of Java software
WebPageFingerprint - Light-weight Greasemonkey Fuzzer

PHP static analysis and file inclusion scanning
PHP-SAT.org: Static analysis for PHP
Unl0ck Research Team: tool for searching in google for include bugs
FIS: File Inclusion Scanner
PHPSecAudit

PHP Defensive Tools
PHPInfoSec - Check phpinfo configuration for security

A Greasemonkey Replacement
Php-Brute-Force-Attack Detector - Detect your web servers being scanned by brute force tools such as WFuzz, OWASP DirBuster and vulnerability scanners such as Nessus, Nikto, Acunetix, etc.
PHP-Login-Info-Checker - Strictly enforce admins/users to select stronger passwords. It tests cracking passwords against 4 rules. It also has a built-in smoke test page via the URL loginfo_checker.php?testlic
php-DDOS-Shield - A tricky script to prevent idiot distributed bots which discontinue their flooding attacks by identifying HTTP 503 header code.
PHPMySpamFIGHTER

Web Application Firewall (WAF) and Intrusion Detection (APIDS) rules and resources
APIDS on Wikipedia
PHP Intrusion Detection System (PHP-IDS)
dotnetids
Secure Science InterScout
Remo: whitelist rule editor for mod_security
GotRoot: ModSecurity rules
The Web Security Gateway (WSGW)
mod_security rules generator
Mod_Anti_Tamper
[TGZ] Automatic Rules Generation for Mod_Security
AQTRONIX WebKnight
Akismet: blog spam defense
Samoa: Formal tools for securing web services

Web services enumeration / scanning / fuzzing
WebServiceStudio2.0
Net-square: wsChess
WSFuzzer
SIFT: web method search tool
iSecPartners: WSMap, WSBang, etc

Web application non-specific static source-code analysis
Pixy: a static analysis tool for detecting XSS vulnerabilities
Brixoft.Net: Source Edit
Security compass web application auditing tools (SWAAT)
An even more complete list here
A nice list that claims some demos available
A smaller, but also good list
Yasca: A highly extensible source code analysis framework; incorporates several analysis tools into one package.

Static analysis for C/C++ (CGI, ISAPI, etc) in web applications
RATS
ITS4
FlawFinder
Splint
Uno
BOON (Buffer Overrun detectiON)
Valgrind

Java static analysis, security frameworks, and web application security tools
LAPSE
HDIV Struts
Orizon
FindBugs: Find bugs in Java programs
PMD
CUTE: A Concolic Unit Testing Engine for C and Java
EMMA
JLint
Java PathFinder
Fujaba: Move between UML and Java source code
Checkstyle
Cookie Revolver Security Framework
tinapoc
jarsigner
Solex
Java Explorer
HTTPClient
another HttpClient
a list of code coverage and analysis tools for Java

Microsoft .NET static analysis and security framework tools, mostly for ASP.NET and ASP.NET AJAX, but also C# and VB.NET
Visual Studio 2008 Code Analysis, available in:
VSTS 2008 Development Edition and
VSTS 2008 Team Suite
Visual Studio 2005 Code Analyzer, available in:
Visual Studio 2005 Team Edition for Software Developers
Visual Studio 2005 Team Suite
Web Development Helper
FxCop (blog, download)
Microsoft internal tools you can't have yet:

Threat modeling
Microsoft Threat Analysis and Modeling Tool v2.1 (TAM)
Amenaza: Attack Tree Modeling (SecurITree)
Octotrike

Add-ons for Firefox that help with general web application security
Web Developer Toolbar
Plain Old Webserver (POW)
XML Developer Toolbar
Public Fox
XForms Buddy
MR Tech Local Install
Nightly Tester Tools
IE Tab
User-Agent Switcher
ServerSwitcher
HeaderMonitor
RefControl
refspoof
No-Referrer
LocationBar^2
SpiderZilla
Slogger
Fire Encrypter

Add-ons for Firefox that help with Javascript and Ajax web application security
Selenium IDE
Firebug
Venkman
Chickenfoot
Greasemonkey
Greasemonkey compiler
User script compiler
Extension Developer's Extension (Firefox Add-on)
Smart Middle Click (Firefox Add-on)

Bookmarklets that aid in web application security
RSnake's security bookmarklets
BMlets
Huge list of bookmarklets
Blummy: consists of small widgets, called blummlets, which make use of Javascript to provide rich functionality
Bookmarklets every blogger should have
Flat Bookmark Editing (Firefox Add-on)
OpenBook and Update Bookmark (Firefox Add-ons)

SSL certificate checking / scanning
[ZIP] THCSSLCheck
[ZIP] Foundstone SSLDigger
Cert Viewer Plus (Firefox Add-on)

Honeyclients, Web Application, and Web Proxy honeypots
Honeyclient Project: an open-source honeyclient
HoneyC: the low-interaction honeyclient
Capture: a high-interaction honeyclient
Google Hack Honeypot
PHP.Hop - PHP Honeynet Project
SpyBye
Honeytokens

Blackhat SEO and maybe some whitehat SEO
SearchStatus (Firefox Add-on)
SEO for Firefox (Firefox Add-on)
SEOQuake (Firefox Add-on)

Footprinting for web application security
Evolution
GooSweep
Aura: Google API Utility Tools
Edge-Security tools
Fierce Domain Scanner
Googlegath
Advanced Dork (Firefox Add-on)
Passive Cache (Firefox Add-on)
CacheOut! (Firefox Add-on)
BugMeNot Extension (Firefox Add-on)
TrashMail.net Extension (Firefox Add-on)
DiggiDig (Firefox Add-on)
Digger (Firefox Add-on)

Database security assessment
Scuba by Imperva Database Vulnerability Scanner

Browser Defenses
DieHard
LocalRodeo (Firefox Add-on)
NoMoXSS
Request Rodeo
FlashBlock (Firefox Add-on)
CookieSafe (Firefox Add-on)
NoScript (Firefox Add-on)
FormFox (Firefox Add-on)
Adblock (Firefox Add-on)
httpOnly in Firefox (Firefox Add-on)
SafeCache (Firefox Add-on)
SafeHistory (Firefox Add-on)
PrefBar (Firefox Add-on)
All-in-One Sidebar (Firefox Add-on)
QArchive.org web file checker (Firefox Add-on)
Update Notified (Firefox Add-on)
FireKeeper
Greasemonkey: XSS Malware Script Detector

Browser Privacy
TrackMeNot (Firefox Add-on)
Privacy Bird

Application and protocol fuzzing (random instead of targeted)
Sulley
taof: The Art of Fuzzing
zzuf: multipurpose fuzzer
autodafé: an act of software torture
EFS and GPF: Evolutionary Fuzzing System

Latest replies (23)
2
Saw this on Guizai's blog before; very nice.
2010-4-13 16:55
3
Wow~~ so comprehensive, nice~~
2010-4-13 17:30
4
What powerful tools!
2010-4-13 19:04
5
Yeah, it's dazzling to look at.
2010-4-14 10:15
6
Incredible......
2010-4-15 12:44
7
So many tools! I'll try them one by one when I have time.
2010-4-15 16:55
8
Tag: WEB Security Safety Tools Tool
2010-4-15 18:31
9
So many, and I still have to try them one by one. Bookmarked.
2010-4-18 08:27
10
It has everything~~
2010-5-1 23:24
11
Starting from zero, this would be enough to study a person to death~
2010-5-12 21:23
12
mark

There really are a lot; even just looking through them takes a lot of time.
2010-5-24 17:56
13
I can't understand this.
2010-5-27 19:43
14
Downloaded it, it's okay..
2010-5-29 18:57
15
Nice, bookmarking this.
2010-6-5 10:40
16
Nice tools! Server security
2010-6-11 08:30
17
It's dazzling to look at...
2010-6-12 16:30
18
So many, and all in English.
2010-6-22 14:20
19
This list is very comprehensive, but OWASP has not updated it for some time.
2010-6-22 23:20
20
This is the original link: b2aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3!0%4j5i4y4H3i4K6u0W2L8%4u0Y4i4K6u0r3K9h3&6V1k6i4S2Q4x3X3g2H3K9s2m8Q4x3V1k6b7K9r3!0W2L8X3W2^5i4K6u0r3g2r3!0G2L8s2x3`.
2010-6-22 23:22
21
Uh! A bit messy, but bookmarked. Thanks!
2010-6-24 13:45
22
So many tools! I'll try them one by one when I have time.
2010-6-26 11:12
23
So many tools. Thanks a lot.
2010-7-1 21:21
24
The whole post is English links?
Not a bit of explanation?
2010-7-3 01:38