Often there is a misconception around Security Professionals that Web Application Penetration Testing requires a lot of expensive tools. Whilst some of the really good tools are expensive such as Metasploit Pro or Acunetix, there are a lot of free and really powerful tools out there.

Today we would like to introduce some very useful Penetration Testing plugins for the Firefox Browser.

1. XSS Me

Awesome little tool sidebar to test for Cross Site Scripting

2. SQL Inject Me

Great tool to find SQL injection vulnerabilities

Those tools can be downloaded at: http://labs.securitycompass.com/exploit-me/