Google Hacking for Penetration Testers
Google Hacking for Penetration Testers
author Johnny Long pages 448 publisher Syngress reviewer Corey Nachreiner ISBN 1931836361
summary Google’s dark and dork sides exposed; despite the title, useful for everyone who’d like to get the most out of google
Most Web surfers don’t realize the sheer amount of extremely sensitive information available for the harvesting on the Internet. In that sense, Google Hacking is eye-popping. Do you want to find misconfigured Web servers that publicly list their directory contents? A quick Google search does the trick. Or, suppose you found some new exploit code that only works against a particular version of IIS 5.0. Submit a quick Google query for a helpful list of possible targets. Do you want to harvest user logins, passwords (for example, mySQL passwords in a connect.inc file), credit card numbers, social security numbers or any other potentially damaging tidbit that Web users and administrators accidentally leak onto the Internet? Google Hacking shows you how, with highly refined searches gleaned from the community contributing to the Google Hacking database (GHDB) found on Long’s Web site.
Haven’t read this particular one, but it sounds fun. There are a bunch of these books and articles on interesting uses for Google and other web services coming out lately. I’m still trying to stay mostly in book-reduction mode, having donated 90+ boxes of books to the library last year to clear out some space.
Tags: google, search, hacking, security
