A small script that adds some "security by obscurity" to WP in order to make a worm's life somewhat harder
Microsoft ASP.NET version 2 also fights cross-site request forgeries with a MAC'ed token:
Explanation, why Google was vulnerable against UTF-7 encoding
Anleitung, wie man in php utf7-strings zur filter evasion erzeugt
Sammlung von probing tools. Ausprobieren!
Proposal for an extension of http/HTML to migiate XSS threats