Google, the most popular search engine worldwide, provides web surfers
with an easy-to-use guide to the Internet, with web and image searches,
language translation, and a range of features that make web navigation
simple enough for even the novice user. What many users don't realize is
that the deceptively simple components that make Google so easy to use
are the same features that generously unlock security flaws for the
malicious hacker. Vulnerabilities in website security can be discovered
through Google hacking, techniques applied to the search engine by
computer criminals, identity thieves, and even terrorists to uncover
secure information. This book beats Google hackers to the punch,
equipping web administrators with penetration testing applications to
ensure their site is invulnerable to a hacker's search.
Penetration Testing with Google Hacks explores the explosive growth of a
technique known as "Google Hacking." When the modern security landscape
includes such heady topics as "blind SQL injection" and "integer
overflows," it's refreshing to see such a deceptively simple tool bent
to achieve such amazing results; this is hacking in the purest sense of
the word. Readers will learn how to torque Google to detect SQL
injection points and login portals, execute port scans and CGI scans,
fingerprint web servers, locate incredible information caches such as
firewall and IDS logs, password databases, SQL dumps and much more - all
without sending a single packet to the target! Borrowing the techniques
pioneered by malicious "Google hackers," this talk aims to show
security practitioners how to properly protect clients from this often
overlooked and dangerous form of information leakage.
*First book about Google targeting IT professionals and security leaks through web browsing.
*Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black
Hat 2004 Briefing. His presentation on penetrating security flaws with
Google is expected to create a lot of buzz and exposure for the topic.
*Johnny Long's Web site hosts the largest repository of Google security
exposures and is the most popular destination for security professionals
who want to learn about the dark side of Google.
0 komentar:
Posting Komentar