I have been searching on net about the best programming language for webdevelopment.
I have found many blogs, posts, forum topics about the same.. Then came a crazy idea of "Why not check for what most people are searching about". Then I went of to "Google trends" to check the popularity, then searched in google for them to get the hit count. Here are the results..

PHP - Results 1 - 10 of about 11,470,000,000 for php
JSP - Results 1 - 10 of about 821,000,000 for jsp
ASP - Results 1 - 10 of about 3,620,000,000 for asp

Clearly php dominated the show..
Though I dont infer that php is the best for webdevelopment, but clear it is the most used / most searched language.. :) There is a plenty of help out there for php based webdevelopment.

Using open source tools for performance testing

Dont miss it!

Google London Test Automation Conference (LTAC) Google Tech Talks September 8th, 2006 Presenter: Goranka Bjedov

I got introduced to this browser an year back ....this thing Rocks .....
Web surfing was not so easier before.Yeah! I rediscovered the web as its caption says .
One thing for sure, when any thing goes open source it gets really better.Thanks to Netscape for letting Gecko into Open source.

There are few things that make this browser special, Tabbed browsing, Extensions and some options like - start searching when you type etc.

Extensions!! ya they make this browser a surfer's paradise.There are some cool extensions that I use, here is the list with my favourites at the top.

Web Developer
Greasy Monkey
Session Saver
Fire Bug
Venkman Javascript debugger
Edit Css
Adblock
Cookie Editor
Fire FTP - (Though I use this rarely)

Kudos to all the developers involved in building them.

Have you rediscovered the web?

~SAI

I was wondering if I can get a tool which can be used to check and debug the http headers that are sent by IE .One of my seniors suggested this tool called IE HTTP HEADERS.
Ya, the title explains what it does .....this tool sits in the explorer bar and show you the headers of the http requests sent and the responses received by IE. You can find more about the same here.

Recently, I had to test the http responses sent by two different applications .Well, form IE http headers, I can only see the headers but not the body and I was not sure whether the headers were parsed properly by the IEhttpheaders (I was not sure about the chars) .....
I wanted an application which can show me the raw data (in hex) sent by both the applications and compare them ............finally found some good tools "FIDDLER (freetool by microsoft)","HTTP watch/IEwatch"(paid tools) . Check more about fiddler in microsofts article here.

Well if you are a mozilla fan like me ........then use this extension "Live HTTP headers"

If you want to play around with headers (edit,modify) and want to know how your application handles them use the following extensions Modify Headers, Tamper data.

If you want to see the complete network data send and received by your comp irrespective of application /protocol (http/top) then use "Ethereal" .I never use it for http debugging, as it gives more information than you want.... though you can set filters and view exactly the info you want .......who cares when http debuggers are readily available.Its a marvelous tool though designed for advanced users.I used it to learn about TCP/IP and had a great experience with it.

Hmm.......that's it about the tools .........happy http debugging :)

PS: Do not use all the three mozilla extensions together . Some one said they will cause a problem when used together...

Huh after 10hours of my hardwork I finally managed to do an xss attack against dictionary.com
The site was pretty easy to attack.... they are not doing much validation at all.. you want to see what id did :) click here (Hmm.. wait for the page to load copmletely ... :( well I need to manipulate some javascript to make it load fast.. but hey .. I am not using the exploit... so i think its fine to live with it for now)

So what did you observe in that page? ...
The domain in the url points to dictionary.com and the page asks you to sign up for a paid service to use it.... hmm.. thats all you submit your credit card info boom... nothing happens :).Actually I know that no one is going to get trapped for that stupid interface I gave...so I set the action for that form to "about:blank". If we want we can set the action of that form in such a way that the credit card info when submitted through this form gets mailed to my Id.

Any ways ... the interface is pretty premitive.. we can make it more cool with some javascript.. that makes the user think that the page is from dictionary.com only... (for instance if he seaches again ..he will not see the payment page ...with the current interface.. we can change that with a little bit of javascript...)..

Any ways if you want to know how i did that just .. decode the url I gave in "click here" link above.. download the script it is pointing to and explore further.... Happy Hacking :)

Cross site scripting.. well I am a novice learning about hacking.. I started with sql injection and I was sucessful in doing it on a site.. well i hacked nothing but few tables of useless data...
Now a days its a well known vulnerability everyone is aware of and have taken precaution about... So I stopped exploring it for now...

Recently I came to know about xss.. and feel that its pretty cool especially when you are trying to hack email accounts, hunting for cookies... etc...show up your html pages on sites... cool that great.... I am understanding it... well tried it out on some test pages of mine and its cool... for more info about xss.. hit the google..............

I will provide more info once i hit the net and do some real hacks ... and get some experience on it...

Happy Hacking :)