A very interesting case study by Ted Serbinski reporting his conclusions on preventing Drupal blog spam. His recommendations may apply to other blog tools:
- forcing a comment preview before posting it
- adding a CAPTCHA field within the form
- filtering the remaining spam with a good specialized module, such as Akismet
BackTrack is a live CD Linux distribution that focuses on penetration testing. A merger of two older security-related distros -- Whax and Auditor Security Collection -- BackTrack bundles more than 300 security tools.
PhpSecInfo
http://phpsec.org/projects/phpsecinfo/
PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.
Chorizo!
https://chorizo-scanner.com/
Chorizo! is a Next Generation Web Application Security Scanner. It acts as a proxy between your browser and your application, recording all requests you make to your application. It scans in the background for security issues like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Code Inclusion, Remote Code Execution, PHP vulnerabilities, Session injection and more.
Founded in 2004 by three security researchers from Germany, the Hardened-PHP Project aims to help you secure your applications and web pages. We check well-known applications for security holes and inform the vendors about them.
PHProxy
http://sourceforge.net/projects/poxy/
PHProxy is a web HTTP proxy programmed in PHP meant to bypass firewalls and access otherwise inaccessible resources (i.e. blocked websites). If the server this script is run on can access a resource, so can you!
Apaz
http://apaz.labs.libre-entreprise.org/index.html
aPAz is A ultra light Php AnonymiZer. It is intended to be a "Put it Anywhere, Browse Everywhere" application. You can use it on any Web server that uses PHP and allows socket functions.
TOR
http://tor.eff.org/index.html.en
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.