Google Hacking for Penetration Testers, Volumen2Elsevier, 2011 M04 18 - 560 páginas This book helps people find sensitive information on the Web.Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google's search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and "self-police their own organizations.Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.• Learn Google Searching BasicsExplore Google's Web-based Interface, build Google queries, and work with Google URLs.• Use Advanced Operators to Perform Advanced QueriesCombine advanced operators and learn about colliding operators and bad search-fu.• Learn the Ways of the Google HackerSee how to use caches for anonymity and review directory listings and traversal techniques.• Review Document Grinding and Database DiggingSee the ways to use Google to locate documents and then search within the documents to locate information. • Understand Google's Part in an Information Collection FrameworkLearn the principles of automating searches and the applications of data mining.• Locate Exploits and Finding TargetsLocate exploit code and then vulnerable targets.• See Ten Simple Security SearchesLearn a few searches that give good results just about every time and are good for a security assessment.• Track Down Web ServersLocate and profile web servers, login portals, network hardware and utilities.• See How Bad Guys Troll for DataFind ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.• Hack Google ServicesLearn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more. |
Contenido
| 1 | |
| 49 | |
Chapter 3 Google Hacking Basics | 93 |
Chapter 4 Document Grinding and Database Digging | 121 |
Chapter 5 Googles Part in an Information Collection Framework | 161 |
Chapter 6 Locating Exploits and Finding Targets | 223 |
Chapter 7 Ten Simple Security Searches That Work | 263 |
Chapter 8 Tracking Down Web Servers Login Portals and Network Hardware | 281 |
Chapter 9 Usernames Passwords and Secret Stuff Oh My | 345 |
Chapter 10 Hacking Google Services | 373 |
Chapter 11 Google Hacking Showcase | 419 |
Chapter 12 Protecting Yourself from Google Hackers | 479 |
| 521 | |
Términos y frases comunes
admin administrator advanced operators Advanced Search Preferences allows Apache application attacker Blog browser Calendar Camera chapter configuration file contain Continued Table CubeCart CuteNews default directory listings Display a menu document domain e-mail addresses error message example file extension filenames filetype filetype:log Firefox GHDB Gmail Google Code Google Code Search Google Hacking Google query Google Search Gooscan hacker host Images Video Index interface Internet intext intitle intitle:index.of inurl Linux login portals look Maps Gmail Microsoft Mozilla Firefox MRTG MySQL options output parameter password Phishing phpMyAdmin Phrack Powered proxy proxy server Queries That Locate reveal script Search Advanced Search search engine search results search terms server shown in Figure Similar pages source code specific splogging SQL injection Syngress target tool Unix username Video News Maps vulnerabilities Web server word
Pasajes populares
Página i - Syngress is committed to publishing high-quality books for IT Professionals and delivering those books in media and formats that fit the demands of our customers. We are also committed to extending the utility of the book you purchase via additional materials available from our Web site. SOLUTIONS WEB SITE To register your book, visit www.syngress.com/solutions. Once registered, you can access our solutions@syngress.com Web pages. There you will find an assortment of value-added features such as...
Página i - ... at syngress.com features overstocked, out-of-print, or slightly hurt books at significant savings. SITE LICENSING Syngress has a well-established program for site licensing our e-books onto servers in corporations, educational institutions, and large organizations. Contact us at sales@ syngress.com for more information. CUSTOM PUBLISHING Many organizations welcome the ability to combine parts of multiple Syngress books, as well as their own content, into a single volume for their own internal...
Página 36 - Barbados Bangladesh Belgium Burkina Faso Bulgaria Bahrain Burundi Benin Bermuda Brunei Darussalam Bolivia Brazil Bahamas Bhutan Burma Botswana...
Referencias a este libro
Foundations of Security: What Every Programmer Needs to Know Christoph Kern,Anita Kesavan,Neil Daswani Vista previa limitada - 2007 |
Security of Information and Networks: Proceedings of the First International ... Atilla Eli,S. Berna Ors,Bart Preneel Vista previa limitada - 2008 |