Problem solve Get help with specific problems with your technologies, process and projects.

How to Google hack Windows servers

You should Google your public-facing Windows servers before a bad guy thinks to Google them first. Kevin Beaver offers Google tools and queries to help you find vulnerabilities.

In my previous tip, I discussed how can be used to perform security scans against your public-facing servers -- Windows, IIS, Apache and (heaven forbid) SQL Server. You can profile servers, find files containing sensitive information and detect "hidden" login pages, server log files and a whole lot more. In this tip, I will describe some neat Google tools and basic queries to help you ferret out the sensitive information that, although you may not realize it, is accessible to the public.

Use the following table of contents to navigate to each section of this tips series.


  • Why use Google to scan for security vulnerabilities
  • Google tools for automated hacking tests
  • Google queries for manual hacking tests
  • Four steps to safeguard Windows data from Google hackers

  • About the author: Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author of the book Hacking For Dummies and co-author of the upcoming book Hacking Wireless For Dummies, both by Wiley Publishing. Send your ethical hacking questions to Kevin today.

    More information from

  • Tip: Get a sampling of the information you can find with Google
  • Tip: Learn how to scan Windows machines against specific patches
  • Topic: Research Windows product flaws and vulnerabilities

  • Dig Deeper on Enterprise desktop management

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.