PHP and MySQL LiveLessons (2011)

Posted October 9th, 2011. Filed under Security Stuff

For every developer who wants to build production-quality applications using PHP and MySQL. In this one-of-a-kind video package, top Web developer and Prentice Hall author Marc Wandschneider shows you exactly how to build reliable, secure, industrial-strength Web applications with PHP and MySQL. You’ll master both PHP and MySQL through 18 comprehensive video lessons, and you’ll have your first PHP/MySQL application running in less than an hour.


Product Description


Wandschneider shows how to set up PHP on Windows and Mac OS X and then builds your skills by walking you through actual application development projects. Just click, watch, and learn efficient ways to implement user account creation, form validation, cookie and session management, file upload/download, and much more.

Everything’s taught visually, using sample applications ranging from a simple calculator to a full-fledged photo sharing site, and all the sample code is on the DVD. Programming challenges at the end of each lesson teach you how to take your skills to the next level. You’ll master essential PHP and MySQL best practices at your own pace and learn how to deliver production-quality PHP/MySQL solutions faster and more effectively.

LiveLessons: Video Instruction from Technology Experts

Looking for a better way to master today’s rapidly changing technologies? Want expert help, but don’t have the time or energy to read a book? Can’t find classroom training worth the money? Discover LiveLessons: self-paced, personal video instruction from the world’s leading experts.
LiveLessons are video courses, on DVD with a book supplement, that are organized into bite-sized, self-contained sessions—you’ll learn key skills in as little as fifteen minutes!
Each lesson begins with well-defined learning objectives so you know exactly what you will learn in the lesson.
Follow along as your instructor shows exactly how to get great results in your real-world environment.

About the Author

Marc Wandschneider is the author of Core Web Application Development with PHP and MySQL (Prentice Hall, 2006). He has been a programmer for more than fifteen years and has worked extensively with open source platforms. He designed and implemented Swik to help people collaboratively document open source software, and continues to work on various free and open source projects. He currently travels the globe, consulting as a lead manager for software projects and teams. A graduate of McGill University’s School of Computer Science, he spent nearly six years at Microsoft as a developer and leader on the Visual Basic, Visual J++, and .NET Windows Forms teams.

Download : http://avaxhome.ws/ebooks/PHP_and_MySQL_Live_Lessons.html

Do SQL injections turn you on? How about double SQL injections? If the answer is ‘yes’, then
1) Good luck with your dating life
2) Boy, are you in some luck!

A new breed of security product called Seeker produces some vivid hacker pr0n in the form of a video (see above) of how it broke and exploited every nook and cranny of your insecure code. Yes, I’m going to say it, Seeker might be the Seymore Butts of security products!

Kidding aside, Seeker seems to be packing pretty fearsome application security technology. The company behind it is an Israeli white hat hacking shop called Hacktics. These guys do work for startups, banks, telcos, governments, and homeland security agencies. Their team members hold very high security clearances due to their prior and current service records in the IDF (Israeli Defense Force). It’s safe to say these guys know a thing or two about application security.

Seeker was designed for use by people in the development organization who do not necessarily possess security knowledge, or even deep technical knowledge. These can range from developers, to QA staff, to team leaders. It’s for this reason that Seeker points to real business threats rather than just technical issues.

This is where two particular product features stand out. Seeker produces screenshots (see below) that allow testers to see the vulnerabilities in the context of the actual application functionality they relate to, rather than getting just technical information based on URLs. The screenshots also show how the application handled each attack.

The second stand-out feature is ‘Exploit Videos’. Seeker automatically creates a step-by-step exploit video for each vulnerability it identifies and exploits, making it easier for the developer to manually reproduce errors before and after fixing the code. Video is also quite an effective method for non-security users to understand the actual threats and potential exploits. Just imagine being able to show management or external developers such a video. Pretty effective stuff.

Seeker’s methodology is to perform runtime analysis of the executed code in order to identify security flaws in the application. This is done by hooking into the process executing the application and performing step-by-step analysis of the executed code. The attacks themselves are generated dynamically based on a ‘Smart Attack Tree,’ a long list of rules for mutating attacks based both on how the application reacts to them and on the actual application code.

The product supports an orgy of vulnerabilities, including: SQL injection, XML/XPath injection, directory traversal, cross-site scripting, parameter tampering, forceful browsing, malicious content upload, username/password enumeration, insecure redirects, source code disclosure, insecure storage of sensitive data (such as credit cards, CVVs, SSNs), cookie poisoning and plenty more.

Currently supported are Java and .NET code analysis, using any database if no stored procedures are used. For stored procedures, Seeker supports Microsoft SQL and Oracle. PHP, as well as support for MySQL stored procedures, will be rolled out in a few months.

Seeker is currently headquartered in Israel, with $3M in funding under its belt.

Read more: http://techcrunch.com/2010/05/06/seeker/#ixzz0nEbEPJPK
