Nuovo tool per Visual Studio 2005 per rilevare i potenziali punti deboli di un'applicazione Web relativamente al Cross Site Scripting..
XSSDetect is a static code analysis tool that helps identify Cross-Site Scripting security flaws found within Web applications. It is able to scan compiled managed assemblies (C#, Visual Basic .NET, J#) and analyze dataflow paths from sources of user-controlled input to vulnerable outputs. It also detects whether proper encoding or filtering has been applied to the data and will ignore such "sanitized" paths.
Fonte: XSSDetect BETA