Grendel-Scan is a security scanner which you can run against your website to check for vulnerabilities. It was demonstrated/announced at DefCon last year and I never really got around to reviewing it/recommending it. Anyway, it’s a pretty cool little program that you can use to pentest your website/scripts for vulnerabilities. Just a simple test on prosper202 without logging into it prior revealed the following:
Directories were found supporting content listing. The vulnerable directories(s) are listed below:
http://www.mydom.com:80/202-img/
http://www.mydom.com:80/202-img/flags/
http://www.mydom.com:80/icons/
http://www.mydom.com:80/icons/small/
Although not that intriguing since these are hardly major vulnerabilities, you can play around w/ this program against various other types of free web applications out there along with testing your own.