Sitespeed.io is an open source tool that helps you analyze and optimize your website speed and performance based on performance best practices. It collects data from multiple pages on your website, analyze the pages using performance best practices rules and output the result as HTML-files or JUnit XML.
Mobello is high performance javascript UI framework for HTML5 mobile app
An article on the best practices to apply in order to minimize HTTP round-trip times
Mink is an open source acceptance test framework for web applications, written in PHP 5.3.
The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software.
web.go is the simplest way to write web applications in the Go programming language. It's ideal for writing simple, performant backend web services.
Meteor is an ultra-simple environment for building modern websites.
Pyramid is a very general open source Python web framework.
A collection of simple recommendations for decent Web application frontends
The chromeless project is an experiment into making it possible to build a web browser using only web technologies, like HTML, JavaScript, and CSS.
Put the internet to work for you.
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Look up at the URL bar! You are the O! You are trying to hunt the a"s. Use the left and right keys to move. When you are over an a press spacebar to shoot!
Run a free website speed test from multiple locations around the globe using real browsers (IE and Chrome) and at real consumer connection speeds.
It displays a menu with links that load other bookmarklets including Firebug Lite, Page Resources, DOM Monster, SpriteMe, and CSSess. The Mobile Perf menu is updated as new bookmarklets are released - so you get the latest tools automatically.
Below you’ll find some text marked up with the core elements of Type-a-file. View the source code to find out how to use them on your own site. This element, for example is called a “kicker.” It’s paragraph text that introduces the rest of the text. It’s useful for outlining your topic & looks killer. Just create a div with class=“kicker” and throw some paragraphs into it. Blammo!
Organized Web Design Collection of User Interfaces for Inspiration and Ideas. The CSS Gallery Alternative