e-Book: Google Hacking for Penetration Testers.

Google Hacking for Penetration Testers

By Johnny Long, Ed Skoudis, Alrik van Eijkelenborg

Publisher: Syngress | 2005 | 448 Pages | ISBN: 1931836361 | PDF | 26.6 MB

Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users don't realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker's search.

Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage.

*First book about Google targeting IT professionals and security leaks through web browsing.

*Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic.

*Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.

Download:

Hotfile
Megaupload

4 comments

Qualysec11 July 2024 at 01:21
An information security audit is a thorough analysis of a business's IT infrastructure to ensure best security audit services are being followed and regulatory requirements are met. Conducted annually, these audits help identify security vulnerabilities and protect against cyber threats. Surprisingly, only 52% of companies conduct security audits, contributing to the high number of daily cyberattacks. There are five main types of security audits: compliance audits, vulnerability assessments, penetration tests, security architecture reviews, and risk assessments, each targeting different aspects of security and compliance. Third-party IT security auditors and pen testers use various tools and techniques to provide a comprehensive analysis of the organization's IT infrastructure.
Qualysec28 July 2024 at 22:50
Vulnerability assessment and penetration testing (VAPT) is a security testing process using automated tools and manual techniques to find vulnerabilities in an IT environment. It helps assess the security measures of applications, networks, cloud, APIs, and other digital assets and enhances them by fixing security flaws. Qualysec Technologies is a leading VAPT testing company that follows a process-based approach to identify hidden vulnerabilities. We have worked with over 90 clients and have secured over 350 applications. Secure your business today from evolving cyber threats by conducting VAPT testing.
Qualysec21 August 2024 at 23:30
Threats associated with the theft of digital data require security measures and these security measures can be provided using innovative s and advanced technology. The cybersecurity industry plays an important role in this fast-changing world. Cybersecurity companies in Europe play an important role in protecting digital assets. Qualysec Technologies shines in this area, providing top-notch penetration testing that boosts trustworthiness without risking the safety of applications.
Anonymous4 October 2024 at 00:39
Investing is a powerful way for women to secure their financial future and gain independence. Start with the basics – retirement accounts and an emergency fund – and build from there. Diversifying your investments, investing in yourself, and seeking professional advice can all contribute to a strong financial foundation. Investing for women is more than just growing wealth—it’s about creating a secure and independent future. Whether you’re working, raising a family, or balancing both, financial independence can open doors to opportunities, freedom, and peace of mind.