The “Ace” team inside of Microsoft has kindly released a plug-in for Visual Studio called XSSDetect. XSSDetect is a “static code analysis plug-in that will identify Cross-Site Scripting security flaws in any managed Web Application” (Microsoft).
XSSDetect analyzes .NET Intermediate Language (IL) read directly from the compiled binaries. It takes apart all assemblies, modules, classes and methods down to each instruction. It then identifies statements where untrusted user data enters the application and statements where dangerous methods are called. These form the two sets of statements (sources and sinks) between which XSSDetect then finds dataflow paths. This is the same algorithm that an experienced security analyst employs when reviewing an application's code manually (see "Some technical details on how XSSDetect does Dataflow Analysis").
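The source-to-sink search described above can be sketched in a few lines. This is an added example, not XSSDetect's code: the statement format, the `find_paths` helper, the choice of which .NET methods count as sources and sinks, and the treatment of `HtmlEncode` as ending a tainted flow are all assumptions made for illustration.

```python
from collections import deque

# Assumed rule sets for illustration; not XSSDetect's actual lists.
SOURCES = {"HttpRequest.get_QueryString", "HttpRequest.get_Form"}
SINKS = {"HttpResponse.Write"}
ENCODERS = {"HttpUtility.HtmlEncode"}

# Constructed sample: one method flattened to (index, result_var, call, arg_vars).
SAMPLE = [
    (0, "name", "HttpRequest.get_QueryString", []),
    (1, "greeting", "String.Concat", ["hello", "name"]),
    (2, "safe", "HttpUtility.HtmlEncode", ["name"]),
    (3, None, "HttpResponse.Write", ["greeting"]),
    (4, None, "HttpResponse.Write", ["safe"]),
    (5, "id", "HttpRequest.get_Form", []),
    (6, "msg", "String.Format", ["fmt", "id"]),
    (7, None, "HttpResponse.Write", ["msg"]),
]

def find_paths(statements):
    """Return statement-index paths leading from a source to a sink."""
    defs, calls = {}, {}          # variable -> defining statement, index -> call
    edges = {idx: [] for idx, *_ in statements}
    for idx, result, call, args in statements:
        calls[idx] = call
        for a in args:
            if a in defs:         # def-use edge: definition feeds this statement
                edges[defs[a]].append(idx)
        if result is not None:
            defs[result] = idx    # later uses see the most recent definition
    paths = []
    for start, _, call, _ in statements:
        if call not in SOURCES:
            continue
        queue, seen = deque([[start]]), {start}
        while queue:              # breadth-first walk over def-use edges
            path = queue.popleft()
            for nxt in edges[path[-1]]:
                if nxt in seen or calls[nxt] in ENCODERS:
                    continue      # encoded data is treated as no longer tainted
                seen.add(nxt)
                if calls[nxt] in SINKS:
                    paths.append(path + [nxt])
                else:
                    queue.append(path + [nxt])
    return paths

if __name__ == "__main__":
    print(find_paths(SAMPLE))
```

Each reported path is the list of statements a reviewer would read in order: where the data came in, what touched it, and where it was written out. The write at statement 4 is not reported because its only input passed through the encoder.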