I lead the OWASP AntiSamy project. It’s a library for Java that sanitizes user input, making sure input provided by users can’t contain JavaScript or HTML that could be malicious. Probably my greatest achievement aside from recently passing a Google CAPTCHA.