Even if i'll be busy with papers and tests, I really would like to do different things:

1. Grabber: Adding an encoding stuffs for testing with different type of charsets (UTF-7/8/16 and other type of languages)
2. Create a JavaScript functional analyzer: I've been thinking on this for a while, I think this is a good idea to detect XSS. I was thinking of using Stratego/XT for the parsing/AST construction; but still, because it's javascript, it's really hard to parse every possible things.
3. XSS Handler: Just for fun, I want to do a PHP function for preventing XSS (using mb_strings) and the same kind of thing in Python