Here are some of the tools I use for Security and Code analysis  (I bet you didn’t see that coming from!)

WebConfig Analyzer - you can do a stand alone download and feed your webconfig into it

WireShark Use this to see what is going on on the network.

Fiddler - Great for https inspection.

Netsparker Use it to hit test sites and see if throws back anything useful.

BackTrack 4 Not sure what needs to be said here other than the best way to get a white hat, is to take a black hat and bleach it. link has been updated to point to Kali org

The backtrack to kodi broken link was fixed by our friends at comparitech, who posted this (helpful VPN guide for Linux)helpfullinuxvpn

FXCop I tun this against my code when I want to feel stupid and see how many places I’ve goofed.  Things putting getters and setters on read only data. Doh!

Reflector Other peoples code and programs look pretty fun when uncompiled. Likewise, this is also good for making sure you didn’t leave any sensitive information in your own binaries.

FireFox add-ons:

ViewState

FireBug

And then everything else that SnipeyHead (Blog Twitter) uses: