Google Hacking for Penetration Testers (3rd Ed.)
Auteurs : Gardner Bill, Long Johnny, Brown Justin
Google is the most popular search engine ever created, but Google?s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers, Third Edition, shows you how security professionals and system administratord manipulate Google to find this sensitive information and "self-police" their own organizations.
You will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with Facebook, LinkedIn, and more for passive reconnaissance.
This third edition includes completely updated content throughout and all new hacks such as Google scripting and using Google hacking with other search engines and APIs. Noted author Johnny Long, founder of Hackers for Charity, gives you all the tools you need to conduct the ultimate open source reconnaissance and penetration testing.
Chapter 1 Google Searching Basics Chapter 2 Advanced Operators Chapter 3 Google Hacking Basics – The new location of the GHDB Chapter 4 Document Grinding and Database Digging – Finding Reports Generated By Security Scanners and Back-Up Files Chapter 5 Google’s Part in an Information Collection Framework Chapter 6 Locating Exploits and Finding Targets Chapter 7 Ten Simple Security Searches That Work Chapter 8 Tracking Down Web Servers, Login Portals, and Network Hardware - Finding Sensitive WordPress and SSH Configuration Chapter 9 Usernames, Passwords, and Secret Stuff, Oh My! – Finding GitHub, SQL, Gmail, Facebook, and other Passwords Chapter 10 Hacking Google Services Chapter 11 Google Hacking Showcase Chapter 12 Protecting Yourself from Google Hackers Chapter 13 Scripting Google Hacking For Better Searching Chapter 14 Using Google Hacking with Other Web Search Engines and APIs
Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.
Justin Brown (@spridel11) is an Information Assurance Analyst at a large financial institution. Previously, Justin worked for as a consultant specializing in Open Source Intelligence. Through Google Hacking and dorks Justin has uncovered numerous troves of information leaks regarding his clients. Justin can usually be found at conferences volunteering with Hackers for Charity.
- Third edition of the seminal work on Google hacking
- Google hacking continues to be a critical phase of reconnaissance in penetration testing and Open Source Intelligence (OSINT)
- Features cool new hacks such as finding reports generated by security scanners and back-up files, finding sensitive info in WordPress and SSH configuration, and all new chapters on scripting Google hacks for better searches as well as using Google hacking with other search engines and APIs
Date de parution : 11-2015
Ouvrage de 234 p.
19x23.4 cm
Thèmes de Google Hacking for Penetration Testers :
Mots-clés :
your password is; ldquo; your username is; -ext htm; -extasp; -exthtml; -extphp; -extshtml; admin; administrator; anonymity; automating searches; bad search-fu; Boolean; Calendar; cameras; collecting search terms; colliding operators; combining advance operators; credit card numbers; data mining; directories; employee.ID; error; GHDB; Gmail; Google cache; Google Co-op; Google Custom Search Engine; Google hacking defense; Google Maps; Google News; Google URLs; Google Warnings; Google Web interface; Google's advance search paramete