Google Hacking for Penetration Testers
- 3rd Edition - November 12, 2015
- Imprint: Syngress
- Authors: Bill Gardner, Johnny Long, Justin Brown
- Language: English
- Paperback ISBN:9 7 8 - 0 - 1 2 - 8 0 2 9 6 4 - 0
- eBook ISBN:9 7 8 - 0 - 1 2 - 8 0 2 9 8 2 - 4
Google is the most popular search engine ever created, but Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly av… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteGoogle is the most popular search engine ever created, but Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers, Third Edition, shows you how security professionals and system administratord manipulate Google to find this sensitive information and "self-police" their own organizations.
You will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with Facebook, LinkedIn, and more for passive reconnaissance.
This third edition includes completely updated content throughout and all new hacks such as Google scripting and using Google hacking with other search engines and APIs. Noted author Johnny Long, founder of Hackers for Charity, gives you all the tools you need to conduct the ultimate open source reconnaissance and penetration testing.
- Third edition of the seminal work on Google hacking
- Google hacking continues to be a critical phase of reconnaissance in penetration testing and Open Source Intelligence (OSINT)
- Features cool new hacks such as finding reports generated by security scanners and back-up files, finding sensitive info in WordPress and SSH configuration, and all new chapters on scripting Google hacks for better searches as well as using Google hacking with other search engines and APIs
Information security professionals, system administrators, and power users using Google’s powerful and at times complex search features to find sensitive information that should not be publicly available on the Web
- Chapter 1: Google Search Basics
- Abstract
- Introduction
- Exploring Google’s web-based interface
- Summary
- Fast track solutions
- Chapter 2: Advanced Operators
- Abstract
- Introduction
- Operator syntax
- Troubleshooting your syntax
- Introducing Google’s advanced operators
- “Intitle” and “allintitle”: search within the title of a page
- Allintext: locate a string within the text of a page
- Inurl and allinurl: finding text in a URL
- Site: narrow search to specific sites
- Filetype: search for files of a specific type
- Link: search for links to a page
- Inanchor: locate text within link text
- Cache: show the cached version of a page
- Numrange: search for a number
- Daterange: search for pages published within a certain date range
- Info: show Google’s summary information
- Related: show related sites
- Stocks: search for stock information
- Define: show the definition of a term
- Colliding operators and bad search-fu
- Summary
- Fast track solutions
- Links to sites
- Chapter 3: Google Hacking Basics
- Abstract
- Introduction
- Anonymity with caches
- Directory listings
- Locating directory listings
- Finding specific directories
- Finding specific files
- Server versioning
- Going out on a limb: traversal techniques
- Summary
- Fast track solutions
- Chapter 4: Document Grinding and Database Digging
- Abstract
- Introduction
- Configuration files
- Locating files
- Log files
- Office documents
- Database digging
- Login portals
- Support files
- Error messages
- Database dumps
- Actual database files
- Automated grinding
- Summary
- Fast track solutions
- Chapter 5: Google’s Part in an Information Collection Framework
- Abstract
- Introduction
- The principles of automating searches
- The original search term
- Expanding search terms
- Using “special” operators
- Getting the data from the source
- Scraping it yourself: requesting and receiving responses
- Scraping it yourself: the butcher shop
- Using other search engines
- Parsing the data
- Domains and subdomains
- Telephone numbers
- Postprocessing
- Collecting search terms
- Summary
- Chapter 6: Locating Exploits and Finding Targets
- Abstract
- Introduction
- Locating exploit code
- Locating exploits via common code strings
- Locating vulnerable targets
- Locating targets via source code
- Summary
- Chapter 7: Ten Simple Security Searches That Work
- Abstract
- Introduction
- site
- intitle:index.of
- error | warning
- login | logon
- username | userid | employee.ID \ “your username is”
- password | passcode | “your password is”
- admin | administrator
- –ext:html –ext:htm –ext:shtml –ext:asp –ext:php
- inurl:temp | inurl:tmp | inurl:backup | inurl.bak
- intranet | help.desk
- Summary
- Chapter 8: Tracking Down Web Servers, Login Portals, and Network Hardware
- Abstract
- Introduction
- Locating and profiling Web servers
- Locating login portals
- Using and locating various Web utilities
- Targeting Web-enabled network devices
- Locating network reports
- Locating network hardware
- Summary
- Chapter 9: Usernames, Passwords, and Secret Stuff, Oh My!
- Abstract
- Introduction
- Searching for usernames
- Searching for passwords
- Searching for credit card numbers, social security numbers, and more
- Social security numbers
- Personal financial data
- Searching for other juicy info
- Summary
- Chapter 10: Hacking Google Services
- Abstract
- Calendar
- Signaling alerts
- Google Co-op
- Google’s Custom Search Engine
- Chapter 11: Hacking Google Showcase
- Abstract
- Introduction
- Geek stuff
- Open network devices
- Open applications
- Cameras
- Telco gear
- Power
- Sensitive info
- Summary
- Chapter 12: Protecting Yourself from Google Hackers
- Abstract
- Introduction
- A Good Solid Security Policy
- Web server safeguards
- Software default settings and programs
- Hacking your own site
- Wikto
- Advance dork
- Getting help from Google
- Summary
- Fast track solutions
- Links to sites
- Subject Index
- Edition: 3
- Published: November 12, 2015
- Imprint: Syngress
- No. of pages: 234
- Language: English
- Paperback ISBN: 9780128029640
- eBook ISBN: 9780128029824
BG
Bill Gardner
Bill Gardner is an Assistant Professor at Marshall University, where he teaches information security and foundational technology courses in the Department of Integrated Science and Technology. He is also President and Principal Security Consultant at BlackRock Consulting. In addition, Bill is Vice President and Information Security Chair at the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement officers and information security practitioners in the private sector. Prior to joining the faculty at Marshall, Bill co-founded the Hack3rCon convention, and co-founded 304blogs, and he continues to serve as Vice President of 304Geeks. In addition, Bill is a founding member of the Security Awareness Training Framework, which will be a prime target audience for this book.
Affiliations and expertise
Bill Gardner OSCP, i-Net+, Security+, Asst. Prof. at Marshall UniversityJL
Johnny Long
Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.
Affiliations and expertise
Security Researcher, Founder of Hackers For CharityJB
Justin Brown
Justin Brown (@spridel11) is an Information Assurance Analyst at a large financial institution. Previously, Justin worked for as a consultant specializing in Open Source Intelligence. Through Google Hacking and dorks Justin has uncovered numerous troves of information leaks regarding his clients. Justin can usually be found at conferences volunteering with Hackers for Charity.
Affiliations and expertise
Information Security Professional at One Worlds LabRead Google Hacking for Penetration Testers on ScienceDirect