Damon P Cortesi emailed me over a week ago to tell me about the sysinternals website - i mentioned this in my post Another great Windows internals site
. Damon also mentioned in a further email to me that he has a blog
of his own that does include a small number of security related posts. I found one very good one titled "XSS Cheatsheet
" - this post is short and sweet and links to a superb paper called "XSS cheatsheet - Esp: for filter evasion
". This is a paper not for people who want to know what XSS (Cross Site Scripting) is but instead it is a superb list of possible tricks and hacks to try in XSS type attacks.