Most interestingly, however, Facebook allows you to do this by executing your code on *.facebook.com. What this means is your code has privileges to do whatever any of Facebook's code can do -- if you can make it happen...
Firefox masterpassword bruteforcer
IMAP/SMTP Injection are attack vectors that are new to me
MD5/LM/NTLM Largest Distributed Rainbow Table Cracking System
This form uses several MD5 databases to look up an MD5 hash and return its original counterpart.