Library

• Books
  Essential PHP Security by Chris Shiflett
  Apache Security by Ivan Ristic
  
• Documentation
  The Truth about Sessions by Chris Shiflett
  Foiling Cross-Site Attacks by Chris Shiflett
  SQL Injection Attacks by Example by Steve Friedl
  WACT: PHP Security Wiki
  PHP and the OWASP Top Ten Security Vulnerabilities
  PHP: Security - Manual
  
• Services
  Mayflower Security Audits
  OmniTI Web Application Security Services
  
• Tools
  SecureToken
  SecureImage
  Chorizo Vulnerability Scanner
  GHDB: Google Hacking Database
  Tamperdata Firefox Extension
  LiveHTTPHeaders Firefox Extension
  MD5 Search Engine
  ModSecurity: Open Source Web Application Firewall
  Ben Ramsey: Reverse MD5 hash lookup
  PEAR :: Package :: HTML_Safe
  Suhosin PHP Extension
  
• Other
  Open Web Application Security Project
  ModSecurity: Resource Library
  Web Application Security Consortium
  FastCGI
  XSS (Cross Site Scripting) Cheatsheet
  (IN)SECURE Magazine
  Apache Security
  ModSecurity: Open Source Web Application Firewall
  BindShell.Net: BeEF
  PHP Security Consortium: PHPSecInfo
  CERIAS Security Seminar Archive
  The Ethical Hacker Network: How To Break Web Software
  Web App Security: The New Battlefront