Google Hacking for Penetration Testers

Google Hacking for Penetration Testers

by Johnny Long
Released December 2004
Publisher(s): Syngress
ISBN: 9780080478050

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users don’t realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker’s search.

Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage.

*First book about Google targeting IT professionals and security leaks through web browsing.

*Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black
Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic.

*Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.

Table of contents

  1. Cover (1/3)
  2. Cover (2/3)
  3. Cover (3/3)
  4. Contents (1/2)
  5. Contents (2/2)
  6. Foreword
  7. Google Searching Basics (1/8)
  8. Google Searching Basics (2/8)
  9. Google Searching Basics (3/8)
  10. Google Searching Basics (4/8)
  11. Google Searching Basics (5/8)
  12. Google Searching Basics (6/8)
  13. Google Searching Basics (7/8)
  14. Google Searching Basics (8/8)
  15. Advanced Operators (1/10)
  16. Advanced Operators (2/10)
  17. Advanced Operators (3/10)
  18. Advanced Operators (4/10)
  19. Advanced Operators (5/10)
  20. Advanced Operators (6/10)
  21. Advanced Operators (7/10)
  22. Advanced Operators (8/10)
  23. Advanced Operators (9/10)
  24. Advanced Operators (10/10)
  25. Google Hacking Basics (1/7)
  26. Google Hacking Basics (2/7)
  27. Google Hacking Basics (3/7)
  28. Google Hacking Basics (4/7)
  29. Google Hacking Basics (5/7)
  30. Google Hacking Basics (6/7)
  31. Google Hacking Basics (7/7)
  32. Pre-Assessment (1/6)
  33. Pre-Assessment (2/6)
  34. Pre-Assessment (3/6)
  35. Pre-Assessment (4/6)
  36. Pre-Assessment (5/6)
  37. Pre-Assessment (6/6)
  38. Network Mapping (1/6)
  39. Network Mapping (2/6)
  40. Network Mapping (3/6)
  41. Network Mapping (4/6)
  42. Network Mapping (5/6)
  43. Network Mapping (6/6)
  44. Locating Exploits and Finding Targets (1/5)
  45. Locating Exploits and Finding Targets (2/5)
  46. Locating Exploits and Finding Targets (3/5)
  47. Locating Exploits and Finding Targets (4/5)
  48. Locating Exploits and Finding Targets (5/5)
  49. Ten Simple Security Searches That Work (1/4)
  50. Ten Simple Security Searches That Work (2/4)
  51. Ten Simple Security Searches That Work (3/4)
  52. Ten Simple Security Searches That Work (4/4)
  53. Tracking Down Web Servers, Login Portals, and Network Hardware (1/9)
  54. Tracking Down Web Servers, Login Portals, and Network Hardware (2/9)
  55. Tracking Down Web Servers, Login Portals, and Network Hardware (3/9)
  56. Tracking Down Web Servers, Login Portals, and Network Hardware (4/9)
  57. Tracking Down Web Servers, Login Portals, and Network Hardware (5/9)
  58. Tracking Down Web Servers, Login Portals, and Network Hardware (6/9)
  59. Tracking Down Web Servers, Login Portals, and Network Hardware (7/9)
  60. Tracking Down Web Servers, Login Portals, and Network Hardware (8/9)
  61. Tracking Down Web Servers, Login Portals, and Network Hardware (9/9)
  62. Usernames, Passwords, and Secret Stuff, Oh My! (1/6)
  63. Usernames, Passwords, and Secret Stuff, Oh My! (2/6)
  64. Usernames, Passwords, and Secret Stuff, Oh My! (3/6)
  65. Usernames, Passwords, and Secret Stuff, Oh My! (4/6)
  66. Usernames, Passwords, and Secret Stuff, Oh My! (5/6)
  67. Usernames, Passwords, and Secret Stuff, Oh My! (6/6)
  68. Document Grinding and Database Digging (1/7)
  69. Document Grinding and Database Digging (2/7)
  70. Document Grinding and Database Digging (3/7)
  71. Document Grinding and Database Digging (4/7)
  72. Document Grinding and Database Digging (5/7)
  73. Document Grinding and Database Digging (6/7)
  74. Document Grinding and Database Digging (7/7)
  75. Protecting Yourself from Google Hackers (1/9)
  76. Protecting Yourself from Google Hackers (2/9)
  77. Protecting Yourself from Google Hackers (3/9)
  78. Protecting Yourself from Google Hackers (4/9)
  79. Protecting Yourself from Google Hackers (5/9)
  80. Protecting Yourself from Google Hackers (6/9)
  81. Protecting Yourself from Google Hackers (7/9)
  82. Protecting Yourself from Google Hackers (8/9)
  83. Protecting Yourself from Google Hackers (9/9)
  84. Automating Google Searches (1/11)
  85. Automating Google Searches (2/11)
  86. Automating Google Searches (3/11)
  87. Automating Google Searches (4/11)
  88. Automating Google Searches (5/11)
  89. Automating Google Searches (6/11)
  90. Automating Google Searches (7/11)
  91. Automating Google Searches (8/11)
  92. Automating Google Searches (9/11)
  93. Automating Google Searches (10/11)
  94. Automating Google Searches (11/11)
  95. Professional Security Testing (1/4)
  96. Professional Security Testing (2/4)
  97. Professional Security Testing (3/4)
  98. Professional Security Testing (4/4)
  99. An Introduction to Web Application Security (1/10)
  100. An Introduction to Web Application Security (2/10)
  101. An Introduction to Web Application Security (3/10)
  102. An Introduction to Web Application Security (4/10)
  103. An Introduction to Web Application Security (5/10)
  104. An Introduction to Web Application Security (6/10)
  105. An Introduction to Web Application Security (7/10)
  106. An Introduction to Web Application Security (8/10)
  107. An Introduction to Web Application Security (9/10)
  108. An Introduction to Web Application Security (10/10)
  109. Index (1/4)
  110. Index (2/4)
  111. Index (3/4)
  112. Index (4/4)
  113. Related Titles

Product information

  • Title: Google Hacking for Penetration Testers
  • Author(s): Johnny Long
  • Release date: December 2004
  • Publisher(s): Syngress
  • ISBN: 9780080478050