Security - Computer Networks, Internet & World Wide Web - General & Miscellaneous, Searching the Web, Online Marketing
Log in to track your reading progress.
Overview
A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I’ve seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true—creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPPA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information.–Johnny Long
• Learn Google Searching Basics
Explore Google’s Web-based Interface, build Google queries, and work with Google URLs.
• Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
• Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
• Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
• Understand Google’s Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
• Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
• See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
• Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
• See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
• Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.
Editorials
From Barnes & Noble
The Barnes & Noble ReviewWhat’s the best way to find vulnerable systems nowadays? Same way you find everything: with Google. The right search can reveal unpatched systems, passwords, credit card data, you name it. Now the world’s No. 1 “Google hacker” shows how to do a top-to-bottom Google penetration test -- and then fix the shocking problems you just might find.
Start with HR: Not every intranet’s as private as it’s supposed to be. And are you sure your help desk’s handy network connectivity “how-to” guide isn’t on the Web? Troll for legitimate email addresses, use Google Local to become a better “social engineer,” even find personal Outlook folders.
All that’s just prep. Long shows how to use Google to map corporate networks; to locate exploits, web servers, login portals, usernames, even network hardware; to dig through everything from config files to database dumps. If you aren’t scared yet...why? Bill Camarda, from the February 2005 Read Only
Slashdot.org
Whether you're a penetration tester wanting to exploit Google, a Web administrator wanting to protect yourself from information leaks, or even a newbie wanting to harness Google's full potential, Google Hacking for Penetration Testers makes an excellent resource. If you, too, use Google as a second brain, pick up Johnny Long's book and learn how to exploit this powerful search engine to its full capacity.Book Details
Published
April 18, 2011
Publisher
Elsevier Science
Pages
560
ISBN
9780080484266