Google Hacking for Penetration Testers


Book
December 2007
Elsevier Science and Technology
ID: 1762181

This book helps people find sensitive information on the Web.

Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google's search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and "self-police� their own organizations.

Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.

Why Bother w/Google for an Assessment
Advanced Operators
Google Hacking Basics
Pre-Assessment
Mapping the Target Network
Locating Exploits and Finding Targets
10 Simple searches
Tracking Down Web Servers, Login Portals and Network Hardware
Usernames, Passwords and Other Secret Stuff
Document Grinding and Database Digging
Protecting Yourself From Google Hackers
Programming Google Searches

Authors

Bill Gardner Bill Gardner OSCP, i-Net+, Security+, Asst. Prof. at Marshall University. Bill Gardner is an Assistant Professor at Marshall University, where he teaches information security and foundational technology courses in the Department of Integrated Science and Technology. He is also President and Principal Security Consultant at BlackRock Consulting. In addition, Bill is Vice President and Information Security Chair at the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement officers and information security practitioners in the private sector. Prior to joining the faculty at Marshall, Bill co-founded the Hack3rCon convention, and co-founded 304blogs, and he continues to serve as Vice President of 304Geeks. In addition, Bill is a founding member of the Security Awareness Training Framework, which will be a prime target audience for this book. Johnny Long Security Researcher, Founder of Hackers For Charity. Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills. Justin Brown Information Security Professional at One Worlds Lab. Justin Brown (@spridel11) is an Information Assurance Analyst at a large financial institution. Previously, Justin worked for as a consultant specializing in Open Source Intelligence. Through Google Hacking and dorks Justin has uncovered numerous troves of information leaks regarding his clients. Justin can usually be found at conferences volunteering with Hackers for Charity.

Table of Contents

Authors

Related Topics

Related Products

Global Penetration Testing Market 2024-2028

Global Penetration Testing Market by Offering (Solution, Services), Type (Web Applications, Mobile Applications, Network Infrastructure, Social Engineering, Cloud), Organization Size, Deployment Mode, Vertical and Region - Forecast to 2029

Penetration Testing - Market Share Analysis, Industry Trends & Statistics, Growth Forecasts 2019 - 2029

Penetration Testing - Global Strategic Business Report

Penetration Testing Global Market Insights 2024, Analysis and Forecast to 2029, by Market Participants, Regions, Technology, Application