Mind Map: Web2.0 Hacking

1. Information Farming

1.1. Data Aggregation

1.1.1. Collecting Information. Reason: knowledge, semantics. Tools: Server Side, Client Side

1.1.2. Analyzing Information. Reason: to know better, to plan better, to measure success. Tools: Feeds, Traffic, Custom

1.2. Data Distribution

1.2.1. Reaching Individuals. Reason: Influence, Direction, 0wnage. Tools: Comments to personal blogs, Pingbacks to personal blogs, Trackbacks to personal blogs, Bookmarks part of the same interest group, Social Networks

1.2.2. Reaching the Masses. Reason: mass Influence, mass 0wnage, mass Direction. Tools: Splogs, Search Engines, Aggregators

2. API Mastering

2.1. Reason

2.1.1. to accommodate Web Agents

2.1.2. to accommodate Sophisticated Worms: for propagation, for backend support, for AI

2.1.3. to accommodate Sophisticated Attack Interfaces

2.1.4. to accommodate Sophisticated Attack Infrastructures

2.2. Finding APIs

2.2.1. Mashable

2.2.2. TechCrunch

2.2.3. Programmable Web

2.2.4. Google

2.3. Using APIs

2.3.1. Yahoo Site Explorer Page Data: crawl, get the site complete structure

2.3.2. Yahoo Site Explorer Ping ping for a change just ping add xss payload ping XSSed websites to find the targets

2.3.3. Yahoo Search: find more stuff

2.3.4. Google Search: find stuff

2.3.5. Mailinator: SMTP to RSS

2.3.6. Dodgit: SMTP to RSS

2.3.7. Mailbucket: SMTP to RSS

2.3.8. Zoho Creator: online database

2.3.9. Yahoo Pipes XML Proxy Feed Proxy CSV Proxy Web Services Infrastructure Utilities

2.3.10. Ponyfish: scrape all links

2.3.11. Dapper: scrape any site

2.3.12. Yahoo ZoneTag: Find location from CELL ID

2.3.13. dabbledb: online database

2.3.14. Hostip: GEO IP

2.3.15. SEO Textbrowser proxy SEO analysis keywords tags statistics inbound links outbound links domains

3. Attack Infrastructure Architecture

3.1. Reason

3.1.1. to hide: by intermixing technologies, by creating covert channels

3.1.2. to reach: individuals, organizations

3.1.3. to enable: viral propagation (via feeds, via blogs, via user generated content), targeted attacks

3.2. Tools

3.2.1. Free Hosting: Google Pages (host files); Google Mashup Editor (host files, host programmable logic); Google Code (host files); Feeds (RSS to HTML); Blogs (host files, host blog entries, communicate with the blogosphere); Freewebs (host files); JavaScript vendor sites (jQuery, AttackAPI)

3.2.2. Mashup Editors: Google Mashup Editor (control datasources provided intuitive GUI); Yahoo Pipes (link components, run server side tasks); Popfly (irrelevant at this stage)

3.2.3. Services HTML to RSS scraping Screen Scraping SMTP to RSS bridging RSS to SMTP Schedulers Google Calendar l8r Alerts Google Alerts