Google Hacking Book Review

Submitted by Aldea911

Google hacking for Penetration Testers is written from a sys admin point of view, starting with a basic web-interface and working up, building on what you have already learned from previous sections, you will with enough diligence, be a master Google user.

I am sure that you have seen the advanced search link on the page, but that entire link does is add certain filters. GHPT shows you that you do not have to use the link, but you can type in the filter your self. You at times do not even have to use the search field, but you can use the url itself to create a search, starting right in chapter one, setting a date range for your search to setting the language.

GHPT starts in chapter 4 to show you the pre-assessment process for making sure a site (preferable one you are trying to secure) is “safe”. Chapter 6 explains how to find exploit codes and cgi scripts. Chapter 7 is when it starts to get scary. You can locate password files user names and index of sites it self. This is where it starts to get scary. GHPT shows you how to find types of documents like access pdf, even word documents, and front here leads off to show you how you can find peoples social security numbers and intranet sites, that are NOT suppose to be accessible to the out side world. Imagine what would happen if someone got into your intranet and was able to get direct telephone numbers to your payroll dept., H.R., or the C.E.O. of your company.

This book is written to show people how to protect themselves from having things like this happen, so they don’t lose their jobs (lol), but it is also a great book for people that do lots of searching, since you will learn invaluable shortcuts. But the downside to this book is, I can guarantee you is the crackers read it also, that is why shows you how to protect yourself from “Google Hackers”, and chapter 12 shows you how to automate your searches, so that you can sit back, and just check the logs.

I would recommend anyone to read this book, May save your job, if you are an admin or developer, or just make your day to day searching easier.

I give it 4 out of 5, because some of the sections can be drawn out, and can get tedious getting some points across, but I did re-learn bout an old version of Google I have all but forgotten about:
http://www.google.com/intl/xx-hacker/

That is called “Google Hacker Speak”

Here is a list of a few different Google Hack pages.

http://www.googoth.co.in/

http://www.google.com/intl/xx-elmer/

http://www.google.com/intl/xx-klingon/

There are a few different specialized searches. Just google <linux or something> then click the feeling lucky button. If you have a fovorite Google hack or any Easter Egg in general, let us know. Use the contact page and it may get published in an upcomming issue.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15