Cross-site scripting (XSS) and SQL injection testing tools

If you need to test a web application for XSS vulnerability and SQL injection there are few tools you can use. Very good in combination with Fiddler. Both are easy-to-install Firefox addons.

NOTE: don't support FF4 - work OK with FF3.6

http://labs.securitycompass.com/index.php/exploit-me/xss-me/

http://labs.securitycompass.com/index.php/exploit-me/sql-inject-me/