Brookflow - Web Development and Marketing

Been revisiting this subject and catching up on best practice.  Found the following useful resources whilst doing so:

1. How to Break Web Software - excellent book on the subject by by Mike Andrews and James Whittaker
2. Google video - http://video.google.com/videoplay?docid=5159636580663884360
3. Mark Krugers blogs and podcasts on the security pyramid - http://mkruger.cfwebtools.com/index.cfm?mode=alias&alias=security.pyramid.intro

Sites dedicated to the subject

1. WebAppsSec - http://www.webappsec.org/
2. OWASP - http://www.owasp.org/documentation/topten.html
3. Security Focus - http://www.securityfocus.com/

I found this great list of free CF framework and applications on  this site.

“There’s millions of lines of free code out there in the form of frameworks, tools, and other packages intended to aid and abet the skilled and professional development of ColdFusion applications.” Examples:

• CFEclipse
• Fusebox
• Mach-II
• ModelGlue
• onTap
• CFCDev.org
• cfLib.org
• Tartan
• COAL
• ColdSpring
• http://www.productivityenhancement.com/plum/WhatPlumCanDo.cfm

As for complete applications, here’s just a few (and there’s more!):

• Galleon Forums
• BlogCFC
• FarCry