Talking to Bryan Sullivan on the SDL team last week, I came to know about a cool new security testing tool - "Watcher". This is a plugin to web debuging proxy Fiddler and checks for more than 35 different vulnerabilites.  Yes, its Free!!

This new plugin can be downloaded from http://websecuritytool.codeplex.com/. Be sure to install Fiddler before you install Watcher. For more details on the tool - Read this blog post.

Happy bug hunting !!
Anmol Malhotra