ABSTRACT
This paper provides a description of how the topic of Google hacking was incorporated into a graduate course on web security which was offered in the Fall of 2005. It begins by providing an overview of Google hacking and describes what it is, how it is used, and most importantly how to defend against it. The paper then describes a series of exercises that students must complete providing them with hands-on Google hacking strategies, techniques and countermeasures.
- Delaney, K, Identity Theft Made Easier. Wall Street Journal (Mar. 29 2005), P. B1.Google Scholar
- http://johnny.ihackstuff.com/Google Scholar
- http://www.google.com/terms_of_service.htmlGoogle Scholar
- http://www.cgisecurity.com/lib/Rise-of-the-robots.txtGoogle Scholar
- http://www.sans.org/resources/policies/Google Scholar
- http://www.foundstone.com/Google Scholar
- Long, J. Google Hacking for Penetration Testers, Syngress Publishing, Rockland, MA, 2005. Google ScholarDigital Library
- McMillan, R. Google hacking; What started as a joke builds into a movement. Network World, (Sept 5, 2005), p1.Google Scholar
- Palmer, C., Ethical Hacking. IBM Systems Journal, Vol 40, No 3, 2001. Google ScholarDigital Library
Index Terms
- Using google hacking to enhance defense strategies
Recommendations
Evaluation of Google hacking
InfoSecCD '08: Proceedings of the 5th annual conference on Information security curriculum developmentGoogle Hacking uses the Google search engine to locate sensitive information or to find vulnerabilities that may be exploited. This paper evaluates how much effort it takes to get Google Hacking to work and how serious the threat of Google Hacking is. ...
Using google hacking to enhance defense strategies
This paper provides a description of how the topic of Google hacking was incorporated into a graduate course on web security which was offered in the Fall of 2005. It begins by providing an overview of Google hacking and describes what it is, how it is ...
Exploring Defense of SQL Injection Attack in Penetration Testing
SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed ...
Comments