Truths of Google Google Information Google Tools Google Hacking Google Vulnerable Google Hacking
Logo Google Truths
Information Retrival System
Truth Google - Home Truth Google - Sitemap Truth Google - Contact
Home Sitemap Contact
Login Here
Works Google Tips Google Tricks Google Techniques Google Secrets Google Search Engines Google
Advertising Tools Communication Tools Software Tools Publishing Tools Search Tools Development Tools
 Advanced Search Title FileTypes


Google News Google Supports Google Searching Google Techniques Google Products Hacking of Google
How Google Works
» How Google Indexer Works
» How Google Spider Works
 
Google Official Informations
» Google Search
» Google Services
 
Google Tools
» Advertising Tools
» Communication Tools
 
Google Tips & Tricks
» GMail Secrets Tricks
» Orkut Secrets Tricks
 
Google Hacking : Preventing - Sorting Through the Results Google Hacking : Preventing - Sorting Through the Results
Google Hacking-Preventing Common Misconceptions Finding the Data First Sorting Through the Results Folder and File Scanning Vulnerability Classification

There are a couple different methods you will have to employ to find the data first. Some can be automatically done while others will require a careful examination of the website.

Run Queries through the Data

First, look for the information disclosure vulnerabilities in the data you retrieved. These can be found using a scanner, but for others you will need to run search queries over the data.

If you can, utilize regular expressions as they can really help to prevent false positives. Don't expect to find everything, but hopefully you can find the worst stuff.
Type of data Example of what to look for
Usernames and passwords "username=" or "password is"
Number Strings (employee ID numbers, SSNs, Credit Card
Numbers)		 SSNs: \d{3}-\d{2}-\d{4}
Email addresses
"@yourcompany.com"
Server Misconfigurations Look in response body for "Index of" and "Apache", etc
Database connection strings "SELECT\s\w+\sFROM"
Stack traces "Java\.\w+\.\w+\."
Google Truths : Hacking Tool
» Files Containing Juicy Info
» Files Containing Usernames
» Files Containing Passwords
» Error Messages
» Footholds
» Vulnerable Login Portals
» Sensitive Network Pages
» Vulnerable Servers
» Sensitive Directories
» Vulnerable Files
» Online Shopping Cart Info
» Various Online Devices
» Web Server Detection
Google Advanced Operators
» define » spell
» info » id
» filetype » ext
» movie » music
» lyrics » author
» intext » allintext
» inurl » allinurl
» intitle » allintitle
» inanchor » allinanchor
» site » source
» cache » link
» related » insubject
» book » phonebook
» location » time
» stocks » store
» group » maps
» daterange » weather
» safesearch » crack
Vulnerability Informations
» Unix » Linux
» Windows » Mac
» Web Server » Directories
» Usernames » Passwords
» Oracle » PL/SQL
» MS Access » Foxpro
» PHP » ASP
» JSP » .NET
» Network » Devices
» Webcams » Printers
» Movies » Music
» Books » Images
» Templates » Torrent
» Rapidshare » Megaupload
» Cracks » Serial Key
» Full Version Software & Utilities
Google Hacking : Prevention
» Finding the Data First
» Folder and File Scanning
» Vulnerability Classification
» Common Misconceptions
» Sorting Through the Results
Google Google Google Google Google Google

 

 

 

          
Google Google Google Google Google Google

 

 

 
Google Google Google Google Google Google
WHO WHAT WHERE WHEN WHY HOW
Google Google Google Google Google Google
*GOOGLE® is a trademark of Google Inc.  
Google Google Google Google Google Google
Conclusion Google Truths