Microsoft ASP.NET version 2 also fights cross-site request forgeries with a MAC'ed token:
Browser based tool for website XSS testing
Anleitung, wie man in php utf7-strings zur filter evasion erzeugt
Explanation, why Google was vulnerable against UTF-7 encoding
An open webservice, that let cute little XSSler store their stolen session credentials
Proposal for an extension of http/HTML to migiate XSS threats
BrowserSpy can tell you all kinds of detailed information about you and your browser. Stuff like the version of your browser. What kind of things it supports and what it doesn't support. Furthermore it can provide you detailed information about JavaScrip
Webpage that detects Acrobat Version