It is very time consuming to do this sort of testing. I would recommend going through your code very carefully, and finding places where it would be easy to make a mistake. Then write test cases to make sure you didn't make that mistake. Keep the tests around, and as the application evolves, you can reassure yourself you haven't made any of the mistakes you predicted by running the tests.

Also, read everything you can about secure programming. As you learn about new vulnerabilities, scour your code for them, then write tests to ensure they aren't introduced later. This article from SecurityFocus, Five common Web application vulnerabilities, is a good start. Searching here on PerlMonks for security would probably yield some helpful information, too.

For more advanced testing, fuzzing might be a useful technique.