Google Hacking for Penetration Testers

Google Hacking for Penetration Testers

1st Edition - November 7, 2007

Write a review

  • Authors: Johnny Long, Bill Gardner, Justin Brown
  • eBook ISBN: 9780080484266

Purchase options

Purchase options
DRM-free (PDF, Mobi, EPub)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


This book helps people find sensitive information on the Web.Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police” their own organizations.Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.

Key Features

• Learn Google Searching Basics
Explore Google’s Web-based Interface, build Google queries, and work with Google URLs.
• Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
• Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
• Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
• Understand Google’s Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
• Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
• See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
• Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
• See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
• Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.


Security professionals, system administrators, and power users using Google’s powerful, and at times complex, search features to find sensitive information that should *NOT* be publicly available on the Web.

Table of Contents

  • Instructions for online access


    Lead Author

    Contributing Authors

    Chapter 1: Google Searching Basics


    Exploring Google’s Web-based Interface

    Language Tools

    Building Google Queries

    Working With Google URLs

    URL Syntax


    Solutions Fast Track

    Links to Sites

    Frequently Asked Questions

    Chapter 2: Advanced Operators


    Operator Syntax

    Troubleshooting Your Syntax

    Introducing Google’s Advanced Operators

    Allintext: Locate a String Within the Text of a Page

    Inurl and Allinurl: Finding Text in a URL

    Site: Narrow Search to Specific Sites

    Filetype: Search for Files of a Specific Type

    Link: Search for Links to a Page

    Inanchor: Locate Text Within Link Text

    Cache: Show the Cached Version of a Page

    Numrange: Search for a Number

    Daterange: Search for Pages Published Within a Certain Date Range

    Info: Show Google’s Summary Information

    Related: Show Related Sites

    Author: Search Groups for an Author of a Newsgroup Post

    Group: Search Group Titles

    Insubject: Search Google Groups Subject Lines

    Msgid: Locate a Group Post by Message ID

    Stocks: Search for Stock Information

    Define: Show the Definition of a Term

    Phonebook: Search Phone Listings

    Colliding Operators and Bad Search-Fu


    Solutions Fast Track

    Links to Sites

    Frequently Asked Questions

    Chapter 3: Google Hacking Basics


    Anonymity with Caches

    Directory Listings

    Locating Directory Listings

    Finding Specific Directories

    Finding Specific Files

    Server Versioning

    Going Out on a Limb: Traversal Techniques

    Incremental Substitution

    Extension Walking


    Solutions Fast Track

    Links to Sites

    Frequently Asked Questions

    Chapter 4: Document Grinding and Database Digging


    Configuration Files

    Log Files

    Office Documents

    Database Digging

    Login Portals

    Support Files

    Error Messages

    Database Dumps

    Actual Database Files

    Automated Grinding

    Google Desktop Search


    Solutions Fast Track

    Links to Sites

    Frequently Asked Questions

    Chapter 5: Google's Part in an Information Collection Framework


    The Principles of Automating Searches

    The Original Search Term

    Expanding Search Terms

    Getting the Data From the Source

    Parsing the Data

    Post Processing

    Applications of Data Mining

    Most Interesting

    Collecting Search Terms

    On the Web

    Spying on Your Own

    Honey Words



    Chapter 6: Locating Exploits and Finding Targets


    Locating Exploit Code

    Locating Public Exploit Sites

    Locating Exploits Via Common Code Strings

    Locating Code with Google Code Search

    Locating Malware and Executables

    Locating Vulnerable Targets

    Locating Targets Via Demonstration Pages

    Locating Targets Via Source Code

    Locating Targets Via CGI Scanning


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 7: Ten Simple Security Searches That Work



    Solutions Fast Track

    Frequently Asked Questions

    Chapter 8: Tracking Down Web Servers, Login Portals, and Network Hardware


    Locating and Profiling Web Servers

    Default Pages

    Default Documentation

    Sample Programs

    Locating Login Portals

    Using and Locating Various Web Utilities

    Targeting Web-Enabled Network Devices

    Locating Various Network Reports

    Locating Network Hardware


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9: Usernames, Passwords, and Secret Stuff, Oh My!


    Searching for Usernames

    Searching for Passwords

    Searching for Credit Card Numbers, Social Security Numbers, and More

    Social Security Numbers

    Personal Financial Data

    Searching for Other Juicy Info


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 10: Hacking Google Services

    AJAX Search API


    Blogger and Google’s Blog Search

    Signaling Alerts

    Google Co-op

    Google Code

    Chapter 11: Google Hacking Showcase


    Geek Stuff


    Telco Gear


    Sensitive Info

    Social Security Numbers

    Beyond Google


    Chapter 12: Protecting Yourself from Google Hackers


    A Good, Solid Security Policy

    Web Server Safeguards

    Hacking Your Own Site

    Getting Help from Google


    Solutions Fast Track

    Links to Sites

    Frequently Asked Questions


Product details

  • No. of pages: 560
  • Language: English
  • Copyright: © Syngress 2007
  • Published: November 7, 2007
  • Imprint: Syngress
  • eBook ISBN: 9780080484266

About the Authors

Johnny Long

Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website ( He is the founder of Hackers For Charity(, an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.

Affiliations and Expertise

Security Researcher, Founder of Hackers For Charity

Bill Gardner

Bill Gardner is an Assistant Professor at Marshall University, where he teaches information security and foundational technology courses in the Department of Integrated Science and Technology. He is also President and Principal Security Consultant at BlackRock Consulting. In addition, Bill is Vice President and Information Security Chair at the Appalachian Institute of Digital Evidence. AIDE is a non-profit organization that provides research and training for digital evidence professionals including attorneys, judges, law enforcement officers and information security practitioners in the private sector. Prior to joining the faculty at Marshall, Bill co-founded the Hack3rCon convention, and co-founded 304blogs, and he continues to serve as Vice President of 304Geeks. In addition, Bill is a founding member of the Security Awareness Training Framework, which will be a prime target audience for this book.

Affiliations and Expertise

Bill Gardner OSCP, i-Net+, Security+, Asst. Prof. at Marshall University

Justin Brown

Justin Brown (@spridel11) is an Information Assurance Analyst at a large financial institution. Previously, Justin worked for as a consultant specializing in Open Source Intelligence. Through Google Hacking and dorks Justin has uncovered numerous troves of information leaks regarding his clients. Justin can usually be found at conferences volunteering with Hackers for Charity.

Affiliations and Expertise

Information Security Professional at One Worlds Lab

Ratings and Reviews

Write a review

There are currently no reviews for "Google Hacking for Penetration Testers"