Screencast: How to use GHDB to identify security holes, Googledorks

Screencast: How to use GHDB to identify security holes, Googledorks

Date: Mar 26, 2012

Google is a seemingly omnipotent presence on the Internet. Nothing seems to be beyond its grasp, including any unchecked security vulnerabilities visible to the Web that could be an opportunity for attackers to infiltrate your enterprise. This makes a resource like the Google Hacking Database (GHDB) invaluable.

In this screencast, Mike McLaughlin shows viewers how to utilize the GHDB to identify Googledorks, which are Google search terms that identify security vulnerabilities or collect information from servers. Once you have access to these Googledorks, you can search your own site to discover vulnerabilities a hacker could easily exploit via Google. The GHDB is a free and convenient resource that can help secure your infrastructure.

About the presenter:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.

More on Hacker Tools and Techniques: Underground Sites and Hacking Groups

  • canderson

    Why advanced threats are less dangerous than simple attacks

    VIDEO - Video: BeyondTrust's Marc Maiffret explains why simple attacks are often more effective than advanced threats.
  • canderson

    Gary McGraw warns against conflating cyberwar and cyberespionage

    VIDEO - In this video interview, Cigital CTO Gary McGraw draws a distinction between cyberwar and cyberespionage, saying the two are often wrongly conflated.
  • canderson

    Bruce Schneier: China cyberwar rhetoric risks dangerous implications

    VIDEO - Video: Bruce Schneier explains why ongoing China cyberwar rhetoric evokes the wrong responses and may damage personal privacy, and ultimately freedom.
  • pre-installed malware

    Definition - Pre-installed malware is malicious software that is put on a machine before it is delivered to the user. New devices are usually assumed to be uncompromised but there are numerous reports of malware existing on new hardware.
  • The value of open source intelligence tools to enterprises

    Answer - Expert Joseph Granneman offers advice to enterprise security teams on using open source intelligence tools to learn about potential threats.
  • Protect your enterprise from hackers for hire

    Answer - Hackers for hire pose significant enterprise risks. Does your organization know if it's a target? Get the low-down on these organized crime groups.
  • peer-to-peer botnet (P2P botnet)

    Definition - A peer-to-peer botnet is a decentralized group of malware-compromised machines working together for an attacker’s purpose without their owners’ knowledge.  Just as in the traditional botnet, which includes a command-and-control server, the bots are typically infected with a Trojan horse and are often used for sending spam or performing DDoS (distributed denial of service) attacks.
  • botnet topology

    Definition - A botnet topology is the network structure by which botnet interconnections are organized. Botnet topologies may be either centralized around a command and control server (C&C server) or decentralized using peer-to-peer (P2P) communication.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: