Skip to main content

What is Google Hacking?

Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.

More information about Google hacking can be found on: http://www.informit.com/articles/article.aspx?p=170880.


What a Hacker can do if your Website is Vulnerable

Information that the Google Hacking Database identifies:
  • Advisories and server vulnerabilities
  • Error messages that contain too much information
  • Files containing passwords
  • Sensitive directories
  • Pages containing logon portals
  • Pages containing network or vulnerability data such as firewall logs.



In 2014 the total number of websites on the internet reached 1 billion. Today it’s hovering somewhere in the neighborhood of 944 million due to websites going inactive, and it is expected to normalize again at 1 billion sometime in 2015. Let’s take a minute to absorb that number for a moment – 1 billion.
Another surprising statistic is that Google, one of the most popular search engines in the world, quarantines approximately 10,000 websites a day via its Safe Browsing technology. From our own research, out of the millions of websites that push through our scanning technology, roughly 2 – 5% of the them have some Indicator of Compromise (IoC) that signifies a website attack. Granted, this might be a bit high, as the websites being scanned are often suspected of having an issue, so to be conservative we would extrapolate that to suggest about 1% of the total websites online are hacked or infected. To put that into perspective, we are talking somewhere in the neighborhood of 9 million websites that are currently hacked or infected.



How to Check for Google Hacking Vulnerabilities


The easiest way to check whether your web site & applications have Google hacking vulnerabilities, is to use a Web Vulnerability Scanner. A Web Vulnerability Scanner scans your entire website and automatically checks for pages that are identified by Google hacking queries. (Note: Your web vulnerability scanner must be able to launch Google hacking queries).
Labels:

Comments

Post a Comment

Popular posts from this blog

10 MOST HAUNTED PLACES IN THE WORLD

It seems that one of the most enduring aspects of cultural similarity found throughout the world involves the supernatural.  No matter where you go across the globe, you’re going to hear various legends and ghost stories…except some of these carry significantly more weight than your average campfire story.  People seem to be somewhat obsessed with what goes on after death, especially in regards to whether or not the spirits of the departed stick around.  It would be easy to say that such attention can be blamed on vivid, Hollywood inspired imaginations, but documented reports of supernatural disturbances go back several centuries in many places, underlining the fact that no matter the time period or society involved, the paranormal remains on people’s minds. Sure, many places in the world that are reputedly haunted seem more far-fetched than realistic, but there are those that have a tendency to make even the most hardened skeptic stop and reconsider.  Listed he...
Post a Comment
Read more

How to Make Phone Numbers Callable in Google Sheets?

How to Insert Clickable Phone Numbers in Web Pages We use the simple tel protocol to convert a plain text phone number on a web page into a clickable telephone link For instance, if you click  this link  on a mobile phone, it will open the phone dialer prefilled with the specified number. There’s no need to copy-paste numbers. How to Type Phone Numbers in a Google Sheet It is a bit tricky to type phone numbers inside Google Spreadsheets. Here’s why: Phone numbers are mostly made of digits preceded by the plus (+) symbol. The problem is as soon as add the plus sign in the spreadsheet cell, it assumes that you entering a math formula and tries to calculate the value. There are two simple workarounds to this problem. You can enclose the phone number inside double quotes (“) and precede it with an equal to (=) sign. An even easier alternative is to use the single quote (‘) before the phone number. Google Sheets will then interpret the cell’...
Post a Comment
Read more

What is Bitcoin?

Bitcoin is a form of digital currency, created and held electronically. No one controls it. Bitcoins aren’t printed, like dollars or euros – they’re produced by people, and increasingly businesses, running computers all around the world, using software that solves mathematical problems. It’s the first example of a growing category of money known as cryptocurrency. What makes it different from normal currencies? Bitcoin can be used to buy things electronically. In that sense, it’s like conventional dollars, euros, or yen, which are also traded digitally. However, bitcoin’s most important characteristic, and the thing that makes it different to conventional money, is that it is  decentralized . No single institution controls the bitcoin network. This puts some people at ease, because it means that a large bank can’t control their money. Who created it? A software developer called Satoshi Nakamoto proposed bitcoin, which was an electronic payment sys...
Post a Comment
Read more