HTTP-Proxy/-Monitor / Reverse Proxy which allowed the developer all HTTP/HTTPS traffic between their computer and the Internet to view and manipulate inclusive request and receives.
A plug-in for Fiddler which check automatically a site against XSS attacks.
SQL Map A SQL injection Tool
A tool to check against SQL injections.
Even it is not a direct tool but I think it is a good chance to check your application about known attacks. Cos fuzzdb is a collection of known attacks against web applications and can be used with open source (Fuzzing) scanners. Under Linux there are bspw. fuzz, wapiti or zzuf.
The mole is a automatic SQL injection scanner. Unfortunately it is just in the beta state.
wapiti Web application vulnerability scanner / security auditor
A command line tool (in Phyton) to check web applications of security weaknesses.