Well it's about time there was a list of web security tools and where you can get them from.

So here is what I have come up with. Please feel free to add any more tools that you know about.

Whisker http://www.wiretrip.net/rfp/
Looks foe default files that have vulnerabilities

Achilles http://packetstormsecurity.nl/web/
man in the middle proxy

Brutus http://www.hoobie.net/brutus/
password brute forcer

Teleport Pro http://www.tenmax.com/teleport/pro/home.htm
web site mirroring program

Spike proxy http://www.immunitysec.com/spikeproxy_downloads.html
A clever program that will inspect a web site

web scarab http://www.owasp.org
Still in production, will do a hell a lot of stuff when it's finished

N stealth http://www.nstalker.com/nstealth/
Very good web vulnerability scanner (30 days free)

Web cracker http://online.securityfocus.com/tools/706
Password brute forcer

CookieSpy http://www.codeProject.com/shell/cookiespy.asp
Inspects cookies

WebSleuth http://geocities.com/dazzie/sleuth
General tool, a based on IE, but allows you to do all the things IE doesn't let you

Whitehat arsenal http://community.whitehatsec.com/whitehat_arsenal.html
A collection of tools (NOT FREE)

I hope everyone finds this useful

and a prize to the first person to add a tool to the list (but it has to be a good tool!)

SittingDuck