1) The Web 2.0 service that Petkov lists first is Yahoo Pipes, which he refers to as the "web hacker power tool" that can't "be compared to any other service available on-line," not even Google Mashup Editor. Yahoo describes Pipes as a hosted service that lets the user remix feeds and create new data mashups in a visual programming environment. Petkov calls Yahoo Pipes "the most elegant tool for all sorts of malicious purposes on-line."
2) Dapper is Web 2.0's "scraping service," Petkov writes, and is most suitable for community-supported malware code. In short, Dapper makes it easier to create worms that propagate across the entire Web.
3) Feed43 takes Dapper to another level, allowing the malware writer to create regular expression-like rules, Petkov writes. Pronounced "feed for free," it's an online service that serves as a proxy between a news reader application and third-party Web sites that don't support RSS natively, allowing you to convert any Web page into an RSS feed. "Do you want to extract the latest Google Hacking database entries, or you may prefer to look for SQL Injection payloads? No problem," Petkov writes.
5) Google Reader RSS reader "is one of the most powerful feed backup and mashup services on-line," Petkov writes. The reader can be used to backup stolen credentials and mash them with other malicious feeds. "It is so powerful that you can export to mashed feeds again into ATOM and then feed it back to your Trojans," he concludes.
Petkov calls a "security mashup" a way to create largely distributed testing infrastructures, a mechanism for instantly accruing dynamic knowledge that, he admits, has a lot of potential for bad purposes, and a way to bypass the "same original policies" to an extent.
Who knew Web 2.0 could be so dangerous?