Google Hacking for Penetration Testers, Band 2

Cover
Elsevier, 18.04.2011 - 560 Seiten
This book helps people find sensitive information on the Web.

Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police their own organizations.

Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.

• Learn Google Searching Basics
Explore Google’s Web-based Interface, build Google queries, and work with Google URLs.
• Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
• Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
• Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
• Understand Google’s Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
• Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
• See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
• Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
• See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
• Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.
 

Ausgewählte Seiten

Inhalt

Chapter 1 Google Searching Basics
1
Chapter 2 Advanced Operators
49
Chapter 3 Google Hacking Basics
93
Chapter 4 Document Grinding and Database Digging
121
Chapter 5 Googles Part in an Information Collection Framework
161
Chapter 6 Locating Exploits and Finding Targets
223
Chapter 7 Ten Simple Security Searches That Work
263
Chapter 8 Tracking Down Web Servers Login Portals and Network Hardware
281
Chapter 9 Usernames Passwords and Secret Stuff Oh My
345
Chapter 10 Hacking Google Services
373
Chapter 11 Google Hacking Showcase
419
Chapter 12 Protecting Yourself from Google Hackers
479
Index
521
Urheberrecht

Häufige Begriffe und Wortgruppen

administrator allows Apache application attacker base cached chapter command common configuration file connection consider contain Continued create database default Description devices directory listings displayed document domain e-mail addresses error message example execution exploit extension field function Google Hacking Google query Google search Google's Groups hacker host Images installed interesting interface Internet intitle intitle:index.of language locate login look Management Microsoft operator options output parameter password phrase Powered protect proxy query remote request reveal script search engine search terms seconds server shown in Figure shows similar simply specific string Table techniques tool username versions vulnerabilities Windows

Beliebte Passagen

Seite i - Syngress is committed to publishing high-quality books for IT Professionals and delivering those books in media and formats that fit the demands of our customers. We are also committed to extending the utility of the book you purchase via additional materials available from our Web site. SOLUTIONS WEB SITE To register your book, visit www.syngress.com/solutions. Once registered, you can access our solutions@syngress.com Web pages. There you will find an assortment of value-added features such as...
Wird in 9 Büchern von 2006 bis 2007 erwähnt
Seite i - ... at syngress.com features overstocked, out-of-print, or slightly hurt books at significant savings. SITE LICENSING Syngress has a well-established program for site licensing our e-books onto servers in corporations, educational institutions, and large organizations. Contact us at sales@ syngress.com for more information. CUSTOM PUBLISHING Many organizations welcome the ability to combine parts of multiple Syngress books, as well as their own content, into a single volume for their own internal...
Wird in 8 Büchern von 2006 bis 2007 erwähnt
Seite 36 - Barbados Bangladesh Belgium Burkina Faso Bulgaria Bahrain Burundi Benin Bermuda Brunei Darussalam Bolivia Brazil Bahamas Bhutan Burma Botswana...
Wird in 13 Büchern von 1987 bis 2007 erwähnt

Verweise auf dieses Buch

Autoren-Profil (2011)

Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.

Justin Brown (@spridel11) is an Information Assurance Analyst at a large financial institution. Previously, Justin worked for as a consultant specializing in Open Source Intelligence. Through Google Hacking and dorks Justin has uncovered numerous troves of information leaks regarding his clients. Justin can usually be found at conferences volunteering with Hackers for Charity.

Bibliografische Informationen

TitelGoogle Hacking for Penetration Testers, Band 2
AutorenBill Gardner, Johnny Long, Justin Brown
Ausgabeüberarbeitet
VerlagElsevier, 2011
ISBN0080484263, 9780080484266
Länge560 Seiten
  
Zitat exportierenBiBTeX EndNote RefMan