2. H5scHTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
3. FlashbangProject "Flashbang" - An open-source Flash-security helper
4. HttpleaksHTTPLeaks - All possible ways, a website can leak HTTP requests
6. DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
7. PastePurifyThis is a tiny Chrome Extension that protects your from Clipboard XSS Attacks