Webpage:http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
Here we want to present you some useful tools. You will need WebScarab to solve most of the lessons.
As WebGoat, WebScarab is a part of OWASP.
WebScarab is a framework for analysing applications that
communicate using the HTTP and HTTPS protocols. Because WebScarab
operates as an intercepting proxy, we can review and modify requests
and responses.
Webpage:http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
Firebug is an add-on for the Firefox browser. We can use it to inspect, edit and monitor CSS, HTML and JavaScript.
Webpage:http://www.getfirebug.com
IEWatch:
IEWatch is a tool to analyse HTTP and HTML for users of the Internet Explorer.
Webpage:http://www.iewatch.com
There exist a lot of vulnerability scanner for your own web applications. They can find XSS, Injection Flaws and other vulnerabilities. Here the links to two open source scanner.
Nessus:http://www.nessus.org
Paros:http://www.parosproxy.org