Windows: Local account management

To create a local user massively in a list of servers, you can use this command:

Psexec \\server1 net user user01 Pass.128 /ADD

Psexec \\server2 net user user01 Pass.128 /ADD

...

Use the excel to concatenate the fields, so you can have a full list of command, without typing each server.

Then, add the propper permission:

Psexec \\server1 net localgroup administrators /add user01

Psexec \\server2 net localgroup administrators /add user01 

...

If  you just want to allow access to a domain user, is pretty similar:

Psexec \\server1 net localgroup administrators /add contoso\user02

Psexec \\server2 net localgroup administrators /add contoso\user02

...

Then if you need to remove permissions, issue this command

Psexec \\server1 net localgroup administrators contoso\user02  /delete

Web VRA: Google skipfish

Skipfish is an active web application security reconnaissance tool from Google. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
Key features:

• High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

• Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

• Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

The tool is believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

Home Page:
http://code.google.com/p/skipfish/

Wiki Doc:
http://code.google.com/p/skipfish/wiki/SkipfishDoc