This from my colleague, self-described Security Curmudgeon, Matt DuHarte.

As we were discussing here are some of the Firefox addons that are in my standard load out.

Tamper data - http://tamperdata.mozdev.org/

Hackbar - http://code.google.com/p/hackbar/

Live HTTP headers - http://livehttpheaders.mozdev.org/

Refspoof - http://refspoof.mozdev.org/

User Agent Switcher - http://chrispederick.com/work/user-agent-switcher/

WebDeveloper Toolbar - http://chrispederick.com/work/web-developer/

More heavyweight

Firebug - http://getfirebug.com/

Greasemonkey - http://www.greasespot.net/

SQL Inject-ME - http://labs.securitycompass.com/index.php/exploit-me/

XSS-Me

Please share if you have some other security related tools you would like to recommend.

-matt