> HTML5 is really interesting. The example there would be somewhat limited - without an exploit it can't escape its little sandbox, meaning it would be great for things like DDoS but not for stealing private information.
May I suggest you take a look at http://www.beefproject.com/ and see what can be done without escaping its little sandbox. Also, if the goal is compromising a host, there will generally be an exploit as part of the toolkit, not necessarily an easily detectable one. At CanSecWest earlier this year there was an interesting Chrome-based Pwn2Own from the guys at MWR.