Everyone who is a regular Smashing Magazine reader will know that we have a traditional habit of regularly researching the latest resources, tools and services out there on the Web, as productivity is a crucial asset of professional Web designers and developers. We could, and should, all integrate workflow optimization into our working practices.

Cloudata is a new open source implementation of Google's BigTable paper. It can be found on Github here. It appears to be the project of a Korean developer named YKKwon.

As noted at MyNoSQL, there are only a couple commits and it's not clear how serious this project is. But it will be of interest to big data, MapReduce and BigTable buffs.

Photon is an open source PHP "micro framework" using Mongrel2 and ZeroMQ. It was created by Loïc d'Anterroches, who claims that Photon is three to 10 times faster than frameworks such as Zend. "Photon does not try to do everything, the core is small, easy to understand and without magic," d'Anterroches writes.

As an example, d'Anterroches posted the code for a real-time chat application built with Photon. "This is effectively the entire "server side views handling the jsSocket connection," he wrote on Hacker News. "The front end is a copy/paste of the chat available in the Mongrel2 examples."

works perfectly on Mac OSX

Friday, March 19, 2010 10:49 AM

Posted by Michal Zalewski

The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, we have released projects such as ratproxy, a passive security assessment tool; and Browser Security Handbook, a comprehensive guide for web developers. We also worked with the community to improve the security of third-party browsers.

Today, we are happy to announce the availability of skipfish - our free, open source, fully automated, active web application security reconnaissance tool. We think this project is interesting for a few reasons:

• High speed: written in pure C, with highly optimized HTTP handling and a minimal CPU footprint, the tool easily achieves 2000 requests per second with responsive targets.
• Ease of use: the tool features heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
• Cutting-edge security logic: we incorporated high quality, low false positive, differential security checks capable of spotting a range of subtle flaws, including blind injection vectors.

As with ratproxy, we feel that skipfish will be a valuable contribution to the information security community, making security assessments significantly more accessible and easier to execute.

To download the scanner, please visit this page; detailed project documentation is available here.