The Web Site Security Center provides information about the most important web attacks, such as SQL injection & Cross site scripting. Besides explaining how they work, the center also provides information on finding and fixing these web vulnerabilities.
Web site security is possibly today's most overlooked aspect of securing data. Hackers are focusing their efforts on hacking web-based applications - shopping carts, forms, login pages, dynamic content, etc. Web sites are accessible 24 hours a day, 7 days a week and control crucial data since they often link directly to customer databases.
The site provides all sorts of resources on the various types of attacks (including cross-site scripting, SQL injection, authentication hacking, and Google hacking). They have a scanner you can download a trial of, but the information the site provides is valuable enough...
