Skip to main content

What is Google Hacking?

Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling your site and launching the Google Hacking Database queries directly onto the crawled content.

More information about Google hacking can be found on: http://www.informit.com/articles/article.aspx?p=170880.


What a Hacker can do if your Website is Vulnerable

Information that the Google Hacking Database identifies:
  • Advisories and server vulnerabilities
  • Error messages that contain too much information
  • Files containing passwords
  • Sensitive directories
  • Pages containing logon portals
  • Pages containing network or vulnerability data such as firewall logs.



In 2014 the total number of websites on the internet reached 1 billion. Today it’s hovering somewhere in the neighborhood of 944 million due to websites going inactive, and it is expected to normalize again at 1 billion sometime in 2015. Let’s take a minute to absorb that number for a moment – 1 billion.
Another surprising statistic is that Google, one of the most popular search engines in the world, quarantines approximately 10,000 websites a day via its Safe Browsing technology. From our own research, out of the millions of websites that push through our scanning technology, roughly 2 – 5% of the them have some Indicator of Compromise (IoC) that signifies a website attack. Granted, this might be a bit high, as the websites being scanned are often suspected of having an issue, so to be conservative we would extrapolate that to suggest about 1% of the total websites online are hacked or infected. To put that into perspective, we are talking somewhere in the neighborhood of 9 million websites that are currently hacked or infected.



How to Check for Google Hacking Vulnerabilities


The easiest way to check whether your web site & applications have Google hacking vulnerabilities, is to use a Web Vulnerability Scanner. A Web Vulnerability Scanner scans your entire website and automatically checks for pages that are identified by Google hacking queries. (Note: Your web vulnerability scanner must be able to launch Google hacking queries).
Labels:

Comments

Post a Comment

Popular posts from this blog

5 real-world events which ‘prove’ that time travel actually exists

In Back to the Future, you need an expensive car, and a conveniently placed lightning bolt – but what if time travel was easier than that? What if time travellers were ALL AROUND US? The ‘time travelling hipster’ (above) is one of the creepier pieces of evidence touted as proof that time travel exists – but we’ve picked out some of the best below, including several people from black-and-white films who appear to be using mobile phones. Nigel Watson, paranormal expert and author of the UFO Investigations Manual, ‘Would time travelers from the future really be using mobile phones? Wouldn’t they use something more sophisticated and less visible? Then again Dr Who still uses a sonic screwdriver and that is so 20th Century…’ Entry by  Cervus Entry by  Chan Teik Onn Entry by  GordonHaid Entry by  gicusudoru
Post a Comment
Read more

Anonymous just declared war against Donald Trump !@

One of the primary Twitter accounts for the internet’s most notorious hacktivist collective tweeted multiple times at the President-elect on Sunday night, shortly after Trump  attacked civil rights icon John Lewis  and blasted Saturday Night Live as “ the worst of NBC ” (oddly enough the same network that carries the reality TV show for which Trump is  listed as an executive producer ) . In a series of responses to one of Trump’s tweets accusing outgoing CIA director John Brennan of leaking the infamous “Golden Showers” dossier,  @YourAnonCentral  told the President-elect that his dealings with “Russian mobsters, child traffickers, and money launderers” would soon come to light. Anonymous also ominously warned Trump that information on the internet is there forever, and that his rich father can’t protect him anymore. Anonymous isn’t just blowing hot air — Trump actually does have ties to unsavory characters tied to the Russia mob, according to Pulitze...
Post a Comment
Read more

10 MOST HAUNTED PLACES IN THE WORLD

It seems that one of the most enduring aspects of cultural similarity found throughout the world involves the supernatural.  No matter where you go across the globe, you’re going to hear various legends and ghost stories…except some of these carry significantly more weight than your average campfire story.  People seem to be somewhat obsessed with what goes on after death, especially in regards to whether or not the spirits of the departed stick around.  It would be easy to say that such attention can be blamed on vivid, Hollywood inspired imaginations, but documented reports of supernatural disturbances go back several centuries in many places, underlining the fact that no matter the time period or society involved, the paranormal remains on people’s minds. Sure, many places in the world that are reputedly haunted seem more far-fetched than realistic, but there are those that have a tendency to make even the most hardened skeptic stop and reconsider.  Listed he...
Post a Comment
Read more