Automated Scanner vs. The OWASP Top Ten
An interesting article on automated vulnerability scanners and the limitations of these tools in finding real-life web application vulnerabilities.
A very good resource on wardialers:
http://www.wyae.de/software/paw/
A good framework is a great resource for any pentester.
Here are some of the best I found:
The mindmap written by Toggmeister (a.k.a. Kev Orrey) & Lee J Lawson http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
OISSG http://www.oissg.org/
OSSTMM http://www.isecom.org/osstmm/
OWASP http://www.owasp.org
The following column was published on SecurityFocus today:
PHP apps: Security’s Low-Hanging Fruit
by Kelly Martin
published 2007-01-08
PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here’s how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems [...]