from the to-whom-it-may-concern dept.
CWmike writes "Google has released for free one of its internal tools used for testing the security of Web-based applications. Ratproxy, released under an Apache 2.0 software license, looks for a variety of coding problems in Web applications. A 2006 survey by the Web Application Security Consortium found that 85.57 percent of 31,373 sites were vulnerable to cross-site scripting attacks, 26.38 percent were vulnerable to SQL injection and 15.70 percent had other faults that could lead to data loss."
The F-15 Eagle:
If it's up, we'll shoot it down. If it's down, we'll blow it up.
-- A McDonnel-Douglas ad from a few years ago