When it comes to the Software Development Life Cycle (SDLC), security is often an afterthought. At the same time the Common Vulnerabilities and Exposures database reports about as many Buffer Overflow vulnerabilities as Cross Site Scripting, a vulnerability that can be exploited to scan your network or clear out your bank account. How can we move security earlier into the SDLC to reduce both costs and exposure? Enter Exploit-Me, a series of light Open Source Firefox Add-ons providing a Smith & Wesson style interface to running tests for common security vulnerabilities. This talk will explain the most common web vulnerabilities, their significance, and how to test for them using the Exploit-Me Add-ons.