OStatus is an open standard for distributed status updates. Our goal is a specification that allows different messaging hubs to route status updates between users in near-real-time. - Martin
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. - Martin
Cloudant: CouchDB hosting - https://cloudant.com/
CouchDB hosting in the cloud. Up to 1GB free. [currently invite only, private beta] - Martin
CoffeeScript is a little language that compiles into JavaScript. Think of it as JavaScript's less ostentatious kid brother — the same genes, roughly the same height, but a different sense of style. Apart from a handful of bonus goodies, statements in CoffeeScript correspond one-to-one with their equivalent in JavaScript, it's just another way of saying it. - Martin
Pure web app e-book reader for iPhone and Android. Install it on your iPhone home screen and it acts like a regular app, including the use of local storage for your saved books. - Martin
Yahoo! Query Language (YQL) Guide - http://developer.yahoo.com/yql...
The YQL Web Service enables applications to query, filter, and combine data from different sources across the Internet. YQL statements have a SQL-like syntax, familiar to any developer with database experience. - Martin
ShrinkIt is a simple, small, Panic-internal tool (for Mac OS X Snow Leopard) that will automate the process of stripping needless metadata from PDFs by re-saving them using Apple’s PDF processor. For app resources and icons that aren’t using high-end Illustrator features, this should be lossless — Apple’s PDF code is not compressing anything, just removing cruft. Simply drop a bunch of files (not folders) onto it — such as the contents of your app’s Resources folder — to have it find the PDFs and do its magic. The original files will be renamed with the prefix “_org_” for backup safety. That’s it! - Martin
HTTP based protocol to attach meta-data to an email address - Martin
draft-hammer-hostmeta-05 - host-meta: Web Host Metadata - http://tools.ietf.org/html...
This memo describes a method for locating host metadata for Web-based protocols. Such metadata could be, e.g., crossdomain.xml, robots.txt, webfinger infos, etc. - Martin
Feed Bag - A Simple RSS Archiver - http://mark.reid.name/code...
Simple ruby script to archive a rss feed to a SQL backend - Martin
Developer tools from Opera, now open source - Martin
Notational Velocity Hack Shows Note in Markdown - http://www.macstories.net/tutoria...
Must have hack by Steven Frank. - Martin
Closure Compiler - Google Code - http://code.google.com/closure...
The Closure Compiler is a tool for making JavaScript download and run faster. It is a true compiler for JavaScript. Instead of compiling from a source language to machine code, it compiles from JavaScript to better JavaScript. It parses your JavaScript, analyzes it, removes dead code and rewrites and minimizes what's left. It also checks syntax, variable references, and types, and warns about common JavaScript pitfalls. - Martin
RT @nevenmrgan: One of the most disorienting, bizarre things I've ever seen on the Internet: http://mrgan.tumblr.com/post... (via @marcoarment)
OH: "OK, Google appear to have got me doing public IM with strangers in my Inbox. They are tooo clever!" #buzz
QOTD: "Weblog are the new .plan" (@enkido)
Testing Flash Applications | A Lazy Pen Tester’s Guide - http://www.ivizsecurity.com/blog...
Yesterday, I received a post in the Pen-Test mailing list requesting tips/resources on penetration testing of flash applications. While there are some tools and white papers available, I could not find many authoritative resources which wrap the entire spectrum of flash security testing of RIA applications. So here is an endeavor to detail out the steps of testing. I will keep this post only to outline the essential steps or points. Please feel free to recommend additional inclusion of tools and techniques. The idea is to come up with a comprehensive paper which can be used by pen-testers to test flash based Rich Internet Applications (RIA). - Martin
CsFire :: Add-ons for Firefox - https://addons.mozilla.org/en-US...
When a website (e.g. example.com) makes requests to another site (e.g. myonlinebank.com), it can potentially cause harmful effects (this is called Cross-Site Request Forgery). The problem with this kind of attack is that it often goes undetected, but leaves the user with the aftermath. CsFire protects you against this kind of attack by rendering these requests harmless. This is done by removing authentication information (cookies and authentication headers). - Martin
Check out CsFire - an anti-CSRF Firefox extension (using a RequestRodeo-like method) done by the fine folks at KU Leuven https://addons.mozilla.org/en-US...
Is your browser configuration rare or unique? If so, web sites may be able to track you, even if you limit or disable cookies. Panopticlick tests your browser to see how unique it is based on the information it will share with sites it visits. Click below and you will be given a uniqueness score, letting you see how easily identifiable you might be as you surf the web. Only anonymous data will be collected by this site - Martin
Wow, my browser fingerprint appears to be unique among the 178,032 tested so far (my guess: the Citrix plugin). http://panopticlick.eff.org/
Here you can subscribe to Youtube channel podcasts and favorites RSS video feeds in FLV and MP4 formats. There is also video format suitable for playing in PSP. You can also download individual Youtube videos in these formats. - Martin
Diffbot is a seed stage web startup focused on leveraging statistical learning algorithms to achieve the holy grail: a truly personalized newspaper that is not limited to structured data sources. Our first product, Diffbot Reader, is used by tens of thousands of users each day to manage their personal web. We currently index a quarter million URL sources and are rapidly growing. Turn any URL into an RSS feed with feedbeater. Filter out these changes or get an email when updates are found. If you need to keep track of many websites at once, use our Diffbot reader. - Martin
@janjm What were you waiting for?
Note to self: Never play chicken with a monster truck driver
Hey websec folks, only one month left until submission deadline for OWASP Research 2010!  http://www.owasp.org/index...
Using the SimplenoteSync script, Notational Velocity on the Mac and Simplenote on the iPhone become quite a dream team http://fletcherpenney.net/other_p...
"><script>alert("Happy birthday");</script><a href="http://bit.ly/54Hkso">(via @randomdross)</a><!--