If you are referring to a site that you own, I recommend checking out the Samurai Web Testing Framework. This is a live CD that has the absolute best open source Web-testing tools. It is free, and all of the tools are compiled and ready to go.
Once you get the environment up and running, I recommend looking at w3af, a Web application attack and audit framework, and the Burp suite of tools, an integrated platform for testing Web apps. These tools check your applications for vulnerabilities like cross-site scripting, SQL injection and command injection.
Dig deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)
Related Q&A from John Strand, featured expert
Expert John Strand reviews how to spot input validation flaws on your websites.continue reading
Expert John Strand reveals an interesting way of addressing man-in-the-middle attacks.continue reading
In this expert response, John Strand explains what to do when your personal identity is impersonated online.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.