Sunday, August 21, 2011

Google Hacking for Penetration Testers, Volume 2


A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I've seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at http://johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true-creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPPA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information.-Johnny Long. Learn Google Searching BasicsExplore Google's Web-based Interface, build Google queries, and work with Google URLs.. Use Advanced Operators to Perform Advanced QueriesCombine advanced operators and learn about colliding operators and bad search-fu.. Learn the Ways of the Google HackerSee how to use caches for anonymity and review directory listings and traversal techniques.. Review Document Grinding and Database DiggingSee the ways to use Google to locate documents and then search within the documents to locate information.. Understand Google's Part in an Information Collection FrameworkLearn the principles of automating searches and the applications of data mining.. Locate Exploits and Finding TargetsLocate exploit code and then vulnerable targets.. See Ten Simple Security SearchesLearn a few searches that give good results just about every time and are good for a security assessment.. Track Down Web ServersLocate and profile web servers, login portals, network hardware and utilities.. See How Bad Guys Troll for DataFind ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.. Hack Google ServicesLearn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.

No comments:

Post a Comment