XSS Tunnelling Paper and XSS Tunnel Tool
Finally I released XSS Tunnelling paper and the tool about two weeks ago. It was supposed to be released in Italy OWASP 2007 but I couldn't attend because of a stupid visa problem. Thus I released and presented in Web Security Days - OWASP Turkey event.
I was playing with this idea for six months or something, finally I got my hands dirty and code it and wrote the brief paper.
XSS Tunnel and XSS Shell (source codes and binaries)
I've got really good reviews so far, please feel free to send your comments. In my humble opinion this is the final point of "session hijacking".