Every developer has their suite of tools (Emacs, Vim, Eclipse, TextMate, snippets from years past), and in a similar fashion every security engineer has their favorite tools. Listed below are some of my preferred tools for performing web application assessments.

This is definitely a work in progress that I will be expanding as the site grows.

HTTP Interception and Debugging