Google tools for automated hacking tests

The following tip is one of a series on why and how to perform security scans against your public-facing servers using Google. Return to the main page for the complete list of tips.

There is a variety of tools available to automate and enhance your Google hacking tests. They include:

• Johnny Long's Google Hacking Database (GHDB) provides tons of query samples that you can tweak and use on your own sites and domains.
• Foundstone Inc.'s SiteDigger utilizes Foundstone's own customized Google queries as well as Johnny Long's GHDB to perform automated searches.

  Note: Google only allows 1,000 queries per day. This seems like a lot, but it can add up quickly using tools like these.

• Johnny Long's Gooscan for Linux can be used to perform automated command-line Google queries.
• Google Toolbar for Internet Explorer simplifies the querying process by allowing you to enter queries directly without first going to www.google.com. If you're a conscientious objector and prefer using Netscape or Mozilla Firefox, check out the open source Googlebar.
• GooDelete can be used to clear cached Google Toolbar queries that may contain sensitive information that you don't want lying around.

Also, if you're really enthusiastic about Google hacking, your bookshelf shouldn't be without Johnny Long's highly regarded book on this subject Google Hacking for Penetration Testers.

About the author: Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author of the book Hacking For Dummies and co-author of the upcoming book Hacking Wireless For Dummies, both by Wiley Publishing. Send your ethical hacking questions to Kevin today.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Intrusion detection, prevention and removal Windows security tools for the busy desktop administrator Check IT List: Five steps for rootkit detection Top Windows client security tools for end users Tools for virus removal and detection Buffer overflows can be prevented by GS cookies Determining the proper Microsoft malware removal tool October patches fix four threats Cool things about security, nothing about Britney Spears Run third-party malware detection tools in Windows Malware prevention and detection webcast series

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary