http://www.microsoft.com/downloads/details.aspx?FamilyId=0178e2ef-9da8-445e-9348-c93f24cc9f9d&displaylang=en – 32 bit version
http://www.microsoft.com/downloads/details.aspx?familyid=E0052BBA-2D50-4214-B65B-37E5EF44F146&displaylang=en – 64 bit version
It searches your (or somebody else's :P) compiled code for:
- Cross Site Scripting
- SQL Injection
- Process Command Injection
- File Canonicalization
- Exception Information
- LDAP Injection
- XPATH Injection
- Redirection to User Controlled Site