Burp Suite is probably the best web application security auditing software available. It has a wide variety of tools that allow you to intercept, modify and automate web application attacks. It has an intuitive user interface with a good level of customisation and allows for third-party extensions.
Doing it Deep and Dirty with Nikto the Web Application vulnerability scanner. Nikto will scan web applications for common vulnerabilities. It will also analyse headers and cookies for common security misconfigurations. Nikto is a good tool for discovering web application vulnerabilities.
Nessus, pounding vulnerable ports. Nessus is a powerful vulnerability scanner that can be used to discover vulnerabilities on machines. Nessus has a variety of different scanning methods including web application scans, compliance scans, credentialed patch audits and many others.
Pwnhub presents – Poking a vulnerable box with Nmap to find weaknesses. Nmap is a powerful tool used for network mapping. It also has a powerful scripting engine which can be used to perform a number of scans or attacks. This video explores the various Nmap scanning techniques. See the full post over on HaXeZ.