Google Hacking For Penetration Testers presented at Blackhat Europe 2005

by Johnny Long (Hackers for charity),

Tags: Security Community

Summary : Since Blackhat Vegas 2004, there's been little doubt that "Google Hacking" is for real, and it's here to stay. Attackers are using search engines like Google in amazing and sometimes unexpected ways. Leaping to the next level of the BH Vegas 2004 talk, this talk aims to raise the awareness of the community about the unbelievable things the bad guys are doing with Google. Attendees will witness first-hand how attackers can perform port scans and CGI scans, detect SQL injection points, perform full blown network recon, dig up email addresses, hostnames, usernames, passwords, social security numbers, and even financial information like credit card numbers and bank account info, all without sending a single packet to the target! This talk is great fun and has secured rave reviews from the community, but is handled with the seriousness the topic deserves. The world needs less targets. Learn how you can prevent this type of insidious attack and prevent serious information leakage from your networks! Still not convinced? OK, then come to the talk simply to witness the insanity of Johnny blazing through 170+ slides in under an hour... that's got to be some sort of record!