Sammlung von probing tools. Ausprobieren!
A small script that adds some "security by obscurity" to WP in order to make a worm's life somewhat harder
(SWAAT) is a free static web application source code auditing tool
An open webservice, that let cute little XSSler store their stolen session credentials
Some small bookmarklets for display of webpage infos like hidden fileds
Yet another JS portscanner
Attacking ASCII based protocolls via HTML forms
Some websec papers on caching issues and new ways for user auth / focusses on phishing and pharming