Category Code Auditing

PHP Security Scanner is a tool written in PHP intended to search PHP code for vulnarabilities. MySQL DB stores patterns to search for as well as the results from the search. The tool can scan any directory on the file system.

Pixy is an Open-Source Vulnerability Scanner that identifies SQL, XSS problems in PHP applications.

OWASP Tiger is a Windows application originally intented to be used for automating the process of testing various known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce alerts, notifications that something is wrong with the application(s) or service(s) being tested.

LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications.

Internet is an amazing virtual world where you can "virtually" do anything : gambling, playing, watching movies, shopping, working, “VoIPying†, spying other people and for sure auditing remote systems.

New Tool that intends to analyze PHP files for security holes.

Paros Proxy is a Java application that can not only monitor and capture all HTTP and HTTPS data passing between servers and clients, it can also track cookies and form fields and allows you to modify and resend individual requests. It also supports proxy-chaining, filtering and performs intelligent vulnerability scanning

Look for common misconfigurations and information leaks in
ASP.NET applications.