Google Hacking Lab

FacebookTwitterGoogle+LinkedInEmail
Description
In this lab, Subject Matter Expert Dean Pompilio discusses Google hacking techniques and presents an introduction to some of the things you can do when gathering information for a Social Engineering audit. SME Pompilio discusses how to use Google specifically to do targeted searches. (Although this demonstration refers to the search engine Google, the search engine StartPage may be a better choice for a search engine for privacy purposes). A review of the various search operators and their uses covers the following:
  • main search operators such as sites and links
  • related search operators
  • special search operators such as info and cached
  • use of the advanced search function page
SME Pompilio presents several examples of how to obtain confidential information about a target when you want to find some vulnerability information about a Web site, or you want to reveal a site’s debugging information. A Social Engineer can search for vulnerabilities of information that should not be available on the public Internet. There is a considerable amount of confidential information that is available deep in the public Internet that a target probably does not know is available and that will allow you to dig deeper into the environment in which the target company operates; you will learn more info about the company’s systems, applications, and people. It is suggested that Social Engineers should spend time on exploitdb.com to have access to a large database of exploits organized by category. There also are more than one thousand security papers on this site that can be accessed to further your knowledge and increase your skill set. (This is the site that Dean Pompilio used to present the examples in this demonstration). SME Pompilio also presents other aspects of Google hacking that will allow you to get the code of a page through Google without going directly to the Web page, and he discusses Google Dork, which is a preformatted search string that identifies systems that have too much information available on the public internet.
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel