php|architect's Guide to PHP Security -- http://phparch.com/pgps

Essential PHP Security by Chris Shiflett -- http://phpsecurity.org/

Apache Security by Ivan Ristic -- http://apachesecurity.net/

Web Application Security Papers -- http://suif.stanford.edu/~livshits/work/griffin/lit.html

Secure PHP Wiki -- http://securephp.damonkohler.com/index.php/Main_Page

Operating Systems Guides -- http://www.nsa.gov/snac/downloads_os.cfm?MenuID=scg10.3.1.1

Cross Site Scripting Could Make You Lose Your Cookies -- http://www.sitepoint.com/blog-post-view.php?id=281643

PHP Cryptography by Robert Peake -- http://phpmag.net/itr/online_artikel/psecom,id,667,nodeid,114.html

Security Corner: Session Fixation -- http://shiflett.org/articles/security-corner-feb2004

The Truth about Sessions by Chris Shiflett -- http://shiflett.org/articles/the-truth-about-sessions

Foiling Cross-Site Attacks by Chris Shiflett -- http://shiflett.org/articles/foiling-cross-site-attacks

SQL Injection Attacks by Example by Steve Friedl -- http://unixwiz.net/techtips/sql-injection.html

WACT: PHP Security Wiki -- http://www.phpwact.org/security/web_application_security

XSS Prevention -- http://blog.bitflux.ch/wiki/XSS_Prevention

PHP and the OWASP Top Ten Security Vulnerabilities -- http://www.sklar.com/page/article/owasp-top-ten

Chorizo Vulnerability Scanner -- https://chorizo-scanner.com/

Tamperdata Firefox Extension -- http://tamperdata.mozdev.org/

PHP Input Filter -- http://cyberai.com/inputfilter/

MD5 Search Engine -- http://md5.rednoize.com/

PHP Security Scanner -- http://securityscanner.lostfiles.de/

ModSecurity: Open Source Web Application Firewal -- http://www.modsecurity.org/