If you are referring to a site that you own, I recommend checking out the Samurai Web Testing Framework. This is a live CD that has the absolute best open source Web-testing tools. It is free, and all of the tools are compiled and ready to go.
Once you get the environment up and running, I recommend looking at w3af, a Web application attack and audit framework, and the Burp suite of tools, an integrated platform for testing Web apps. These tools check your applications for vulnerabilities like cross-site scripting, SQL injection and command injection.
Dig deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)
Related Q&A from John Strand, featured expert
Expert John Strand explains how to shore up security as you plan a large-scale advertising campaign.continue reading
Expert John Strand reviews how to spot input validation flaws on your websites.continue reading
Expert John Strand reveals two exciting trends in antivirus software.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.