Here is a picture of my next mid-term project :

HTTPS connections are often used to transfer important data, such as passwords, PINs, or credit card numbers. The browser ensures that the sender can be identified with a valid certificate and that the transferred data are encrypted. An error in the Debian Linux distribution has generated numerous certificates that are child's play to crack. Many servers still use these weak certificates, even though it is impossible to establish a secure connection using them. The heise SSL Guardian checks the SSL certificates and warns you when it detects a weak one.


Download :
http://www.heise-online.co.uk/security/Heise-SSL-Guardian--/features/111039/

Together with the server-side stripslashes() PHP function, this call slips through the IE8 XSS filter: the slashes are stripped server side, so the call evades IE8's detection when the HTTP request is sent by IE8:

See: http://www.0x000000.com/?i=634

SensePost released their JSP/PHP/ASP pivot/covert channel named reDuh :

Basic concept :
  • Glenn has the ability to upload / create a JSP page on the remote server
  • Glenn wishes to make an RDP connection to the server term-serv.victim.com (visible to the web-server behind the firewall)
  • The firewall permits HTTP traffic to the webserver but denies everything else

http://www.sensepost.com/research/reDuh/

Skape released WehnTrust as open source :
http://www.codeplex.com/wehntrust

Thanks skape and good luck at MS

PS. Don't underestimate WehnTrust: even with Windows 2003 and hardware NX, it still increases protection (NX pages).