I need to express my love for OWASP’s Live CD (aka OWASP Web Testing Environment).  Its backtrack-like philosophy of piling in the web-security tools is simple, but the end result is a wonderful testing environment.  Firefox comes action-packed with web testing addons, a pile of proxies (burp, paros, rat), a multitude of scanners (grendel,w3af), and an array of other tools.

While the forums and tutorials on the site are a bit slim at the moment, its a great start to a growing resource.

Get the iso’s and VM images here: http://appseclive.org/