New XSS cheatsheet?

The best new one I've seen recently is here: http://html5sec.org/. Good list of vectors with browser support noted, and it has quite a few of the more obscure ones.


If you really want to understand XSS, I strongly recommend OWASP's XSS Prevention Cheat Sheet. It's not focused on hacking, it's focused on helping developers prevent these problems in the first place. http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet


Yes, grab fuzzdb from http://code.google.com/p/fuzzdb/:

fuzzdb helps identify security flaws in applications by aggregating known attack patterns, predictable resource names, and server response messages to create a comprehensive, repeatable set of malformed input test cases.

fuzzdb has a great list of attack payloads.