Jose Nazario, editor of wormblog.com, has this to say about my Nematode research: “What is interesting out of Dave's talk is the nematode generation tools he wrote. They work well, and they get around the problem of a lot of boilerplate code that has to be written for any worm. This is potentially a scary development, as more sophisticated attackers will begin improving their worms with these kinds of tools and dropping in exploits in a matter of minutes."

The truth is, very few people really know anything about worms, because very few people are writing them. It's hard to write them it takes longer than most academics feel like putting into the problem. But this just means there's room for an automated solution that takes the grunt work out of it, which is what you need to do before you can start researching them in a serious way. Most of what happens with worms that's interesting is not obvious, and it's chaotic enough that doing things in a mathematical model doesn't produce interesting results. So come to my talk. When you leave my talk, you should be able to write your own Nematode language in less than 15 minutes.

A few weeks after my Toorcon presentation about using XSS+AJAX to develop dangerous payloads, the MySpace.com virus hit! After dismissing some co-workers asking me "Did you do it?" I started analyzing the code. It was so cool to see something you had just predicted actually happen. It was proof that AJAX, while DOM restricted, was very dangerous indeed. After looking the whole thing through I began to think: How could the payload be even worse... what if it this happened to a bank, or a stock website...Hmmm...What if I could make stock trades for you?

Research on web application worms exists, but is almost all theoretical or laughably silly in scope or proofs of concept. I grabbed the source to all the examples I could and started digging.