Test your web apps with Google's new Skipfish vulnerability scanner!
By gravax on Mar 23, 2010
Google's just made available a beta (for some reason, all the cool stuff I use from Google is labled "beta" these days) version of Skipfish, their new fully automated, active web application security reconnaissance tool (I'm quoting their page on that last sentence).
Grab the baby here!
It's looking very good to test your own code... but seems to be VERY noisy, so don't use it to stealthily probe other people's sites... you WILL get detected. :) (Maybe that's a voluntary design goal to avoid criminals using it - I have no issue with it.)