Google hacking

What is Google hacking?
Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a database of queries that identify sensitive data. Although Google blocks some of the better-known Google hacking queries, nothing stops a hacker from crawling your site and running the Google Hacking Database queries directly against the crawled content.

What a hacker can do if your site is vulnerable
Information that the Google Hacking Database identifies:

  • Advisories and server vulnerabilities
  • Error messages that contain too much information
  • Files containing passwords
  • Sensitive directories
  • Pages containing logon portals
  • Pages containing network or vulnerability data, such as firewall logs

How to check for Google hacking vulnerabilities
The easiest way to check whether your website and applications have Google hacking vulnerabilities is to use a Web Vulnerability Scanner. A Web Vulnerability Scanner scans your entire website and automatically checks for pages that are identified by Google hacking queries. (Note: Your web vulnerability scanner must be able to launch Google hacking queries.)
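The kind of check described above can be sketched as follows. This is an example added here, not code from the original page or from any scanner product. It runs a few patterns over pages crawled from your own site and reports which category from the list above each page falls into. The patterns, the function name audit_pages and the sample pages are constructed assumptions, not GHDB entries.

```python
import re

# Illustrative patterns (assumptions, not GHDB entries), one per
# exposure category named in the list above.
CHECKS = {
    "sensitive directory listing": re.compile(r"<title>\s*Index of /", re.I),
    "verbose error message": re.compile(
        r"Traceback \(most recent call last\)|SQL syntax.*MySQL", re.I),
    "logon portal": re.compile(r"<input[^>]+type=[\"']?password", re.I),
    "password file reference": re.compile(
        r"href=[\"']?[^\"'>]*(\.htpasswd|passwords?\.txt)", re.I),
}


def audit_pages(pages):
    """Check crawled pages of your own site against each pattern.

    pages: dict mapping URL path -> response body (str).
    Returns a sorted list of (url, category) findings.
    """
    findings = []
    for url, body in pages.items():
        for category, pattern in CHECKS.items():
            if pattern.search(body):
                findings.append((url, category))
    return sorted(findings)


# Constructed sample crawl output (not real site content).
SAMPLE_PAGES = {
    "/backup/": '<html><head><title>Index of /backup</title></head>'
                '<body><a href="passwords.txt">passwords.txt</a></body></html>',
    "/login": '<form><input type="password" name="pw"></form>',
    "/report": "You have an error in your SQL syntax; check the manual "
               "that corresponds to your MySQL server version",
    "/about": "<html><body>About us</body></html>",
}

if __name__ == "__main__":
    for url, category in audit_pages(SAMPLE_PAGES):
        print(f"{url}: {category}")
```

Each finding is a page to review: disable the directory listing, replace the detailed error with a generic one, or move the file out of the web root.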

