55
Getting Started: Scanning Your Website
Getting Started: Scanning Your Website
55
4.12 Google Hacking Vulnerabilities
Google hacking is the term used when a hacker
tries to find exploitable
targets and sensitive data by using search engines. The Google Hacking
Database (GHDB) is a database
of queries that identify sensitive data.
Although Google blocks some of the better known Google hacking queries, a
hacker may still crawl your site,
and launch Google Hacking Database
queries directly onto the crawled content.
The Google hacking feature will launch all the queries found in the Google
Hacking Database, onto the crawled content of your website thus finding any
sensitive data or exploitable targets before a “search engine hacker” does.
The Google hacking feature is a unique, industry first feature.
The Google Hacking Database is located at:
http://johnny.ihackstuff.com and looks for the following information:
Advisories and server vulnerabilities
Error messages that contain too much information
Files containing passwords
Sensitive directories
Pages containing logon portals
Pages containing network or vulnerability data such as firewall logs.
For further reference please visit:
To generate a report, a database must be configured (either MDB or SQL). This can
be done from the Tools Explorer by selecting the Configuration > Settings node and,
subsequently, Application Settings > Database.
 |
 |
 |