Useful Tools

Below is a list of tools we've found useful in solving the WebGoat lessons. You will need WebScarab to solve most of the lessons.

WebScarab:

Like WebGoat, WebScarab is a part of OWASP. WebScarab is a framework for analyzing applications that communicate using the HTTP and HTTPS protocols. Because WebScarab operates as an intercepting proxy, we can review and modify requests and responses.



Webpage: http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

Firebug:

Firebug is an add-on for the Firefox browser. We can use it to inspect, edit and monitor CSS, HTML and JavaScript.



Webpage: http://www.getfirebug.com

IEWatch:

IEWatch is a tool for analysing HTTP and HTML for users of Internet Explorer.



Webpage: http://www.iewatch.com

Wireshark:

Wireshark is a network protocol analyzer. You can sniff network traffic and gather useful information this way.



Webpage: http://www.wireshark.org

Scanner:

There are many vulnerability scanners for your own web applications. They can find XSS, injection flaws and other vulnerabilities. Here are links to two open source scanners.

Nessus: http://www.nessus.org
Paros: http://www.parosproxy.org