Are you Vulnerable to Google Hacking?
The term “Google Hacking” refers to a hacker attack that uses a search engine like Google to find vulnerable Web servers and websites. Google hacking makes use of special search queries to locate servers and Web applications running with incomplete security or with no security. In addition to searching for vulnerable servers and applications, Google hacking has grown in recent years to include launching attacks with search engine queries.
The Google Hacking Database
The Google Hacking Database (GHDB) is a compendium of Google hacking search terms that have been found to reveal sensitive data. The GHDB is maintained by Johnny Long, a security research and Google Hacking expert, and consists of contributions from the Google hacking community. The database is used by an automated tool called Acunetix Web Vulnerability Scanner, to test Web servers and websites for Google hacking vulnerabilities.
Some of the categories of Google hacking vulnerabilities in the GHDB include:
- Product-specific advisories
- Error messages that contain sensitive information such as directory paths
- Files with sensitive data, passwords and user names
- Sensitive online shopping data
- Web server detailed information
Tools that search for Google hacking vulnerabilities use the GHDB to make sure that the most current threats are being tested.
Testing for Google Hacking Vulnerabilities
The only way to prevent Google hacking attacks on Web servers and Web applications is to test for hacking vulnerabilities. A Web Vulnerability Scanner that supports the launch of Google hacking queries, such as Acunetix Web Vulnerability Scanner, will crawl each page of a website and check for vulnerabilities that are reflected by the Google community at large. This is a significant benefit that few others offer!
Prevent Google Hacking Attacks with Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner checks your website for google hacking attacks and ensures website security by automatically checking for SQL injection, Cross site scripting and other vulnerabilities. It checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist. Take a product tour or download the evaluation version today!