XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
Inj3ct0r 1337day.com : Exploit database separated by exploit type (local, remote, DoS, Poc, etc.)
HTTP Security Report : Get an instant report of how your website measures up to the best practices.
Check connection encryption, content security, information disclosure and...
WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.