SecurityAffairs.co - Scraping the TOR for rare contents - 18July2019
~18th July 2019
Scraping the “TOR hidden world” is a quite complex topic. First of all you need an exceptional computational power (RAM mostly) for letting multiple...
MoreHistory of major events affecting the topic of Google Hacking.
Johnny Long begins to collect interesting Google searches and labels them googleDorks.
Foundstone SiteDigger v1 released. SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
Google Hacking Database (GHDB) officially begins. http://www.hackersforcharity.org/ghdb/ From Johnny's blog on Oct 5, 2004: The googledorks databse has been renamed. The new title, the Google Hacking Database (GHDB) more accurately reflects the fact that this is more than just a hobby now. Thanks to the members of the Search Engine Hacking Forums (click here), the moderators that keep things running smoothly, and the overwhelming press around this topic, the database is literally the original and most comprehensive list of Google hacking queries on the planet. The GHDB has done so well, that we're working harder than ever to integrate it into the leading tools out there. To that end, we've ported the GHDB to work with both Athena and SiteDigger. These ports will be available shortly. Thanks for your continued support, and welcome aboard. We're glad you're here.
SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
Google Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence.
Google Hacking v1 released by Johnny Long
MSNPawn - Footprinting, Profiling & Assessment with MSN Search. MSNPawn has been designed and developed on the .Net framework and must be installed on the system. The following utilities have been bundled with MSNPawn: MSNHostFP - Supply an IP Address or IP Address range to fetch all possible virtual hosts or application running on each IP addresses. MSNDomainFP - Supply a domain name to fetch the top 50 child domains, considering the supplied domain name as parent. MSNCrossDomainFP - Supply an application domain to fetch the top 50 domains pointing to this particular domain on the Internet. MSNCrawler - Supply a domain or application name to fetch all possible links crawled by the search engine. MSNFetch - Supply a domain and rules file. The tool will run each rule in the file against the domain specified and fetch the first five results of the resultant query. This can help in assessing an application. Search.MSN - Provides place to run your search against MSN and gather all URLs. MSNPawn White Paper: http://net-square.com/msnpawn/MSNPawn_research_usage.pdf
HD Moore releases MWSearch, a tool that searches for malware executables via Google Binary Search. Using a database of digital fingerprints of known malware--called "signatures"--the Malware Search tool uses the popular search engine to find a number of known worms and viruses. It was developed by HD Moore, the researcher best known as the developer of the widely used Metasploit hacking tool. http://www.pcworld.com/article/126450/new_tool_searches_google_for_malware.html http://djtechnocrat.blogspot.com/2006/07/mwsearch-finding-malware-with-google.html
When Google stopped issuing new Google SOAP API keys in 2006, it was the beginning of the end for all of the Google hacking tools available at the time. The Google SOAP API was interface that hacking tools used to make Google queries. These tools hobbled along with partial functionality until Sept 2009 when Google closed down the Google SOAP API entirely. Because of this, the art of Google hacking and technique/tool development was pretty much stagnant from 2006-2009.
Specifically disabled to prevent Google Hacking type techniques against Bing.
Scraping the “TOR hidden world” is a quite complex topic. First of all you need an exceptional computational power (RAM mostly) for letting multiple...
MoreGitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. ...
MoreModern Google Dorks - This forever updating list is a modern collection of Google Dorks. They are based on the filter allinurl: For example:...
MoreGoogle dorks were the root cause of a catastrophic compromise of CIA communications resulting in over 30 dead spies - Nov 2018 Nov 2018 - CIA Spies...
MoreA “Security enthusiastic” found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from...
MoreOpen Source Intelligence Techniques: Resources for Searching and Analyzing Online Information - 6th Edition Released - 26Jan2018
Moredorkbot – Command-Line Tool For Google Dorking - released 15June2017 https://github.com/utiso/dorkbot...
MoreEnter story info hereWith a little over one month before December 15, End of Life for the Azure Data Market “Bing Search” and “Bing Web Results Only”...
MoreEarlier this week, the US blamed Iranian hackers for a series of attacks in 2012 and 2013 on several targets, including a New York City dam. How did...
MoreBack in 2011, we announced the deprecation of the following APIs: Google Patent Search API, Google News Search API, Google Blog Search API, Google...
MoreA bulletin issued by the Department of Homeland Security, the FBI and the National Counterterrorism Center earlier this month warns law enforcement...
MoreMany security teams need to stay on the lookout for Internet-based discussions, posts, and other bits that may be of impact to the organizations they...
MoreSHODAN switches over to new URL, from old http://www.shodanhq.com/ to new https://www.shodan.io/.
MoreA Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, Baidu and others) by using proxies (socks4/5, http proxy) and...
MoreGoogle Reader retires. As a result, the Google Diggity Alerts FUNDle Bundle, which was bundled using Google Reader, is broken. Google Alerts also has...
MoreRelease of new SearchDiggity v 3.1 - the first version to be rebranded under Bishop Fox. Also includes brand new, significantly updated CHM help file....
MoreThere’s so much data available on the internet that even government cyberspies need a little help now and then to sift through it all. So to assist...
MoreStach & Liu’s Google Hacking Diggity Project was featured in the toolsmith article SearchDiggity: Dig Before They Do, found in the September 2012...
MoreFor the past several years, the Bing Search API has made search data available for developers to innovate and build upon. Today we are announcing that...
MoreInformationWeek Reports releases Google Hacking paper written by Fran Brown.
MoreCommon Crawl is a nonprofit 501(c)(3) organization that crawls the web and freely provides its archives and datasets to the public. Common Crawl's...
MoreOn June 30, 2011, a Yale alumni googling his own name discovered an Excel spreadsheet containing his social security number and those of 43,000 other...
MoreBeginning of the end for McAfee SiteDigger v3.0 and other tools using the Google Ajax API.
MoreStach & Liu Unveils Google/Bing Diggity Hacking Alert RSS Feeds at Black Hat USA 2010. Defensive strategies for protecting your organization from...
MoreThe Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search...
MoreSHODAN - Hacker Search Engine. Indexed and makes searchable service banners for whole Internet for HTTP (Port 80), as well as some FTP (23), SSH (22)...
MoreIP address went from 75.126.102.193 to 10.4.223.196. Still available on PacketStorm. http://www.goolag.org...
MoreFoundStone SiteDigger v 3.0 released, using new Google Ajax API. SiteDigger 3.0 searches Google’s cache to look for vulnerabilities, errors,...
MoreBinging - Footprinting and Discovery Tool Binging is a simple tool to query Bing search engine. It will use your Bing API key and fetch multiple...
MoreAll existing Google Hacking tools cease to function at this point. When Google stopped issuing new Google SOAP API keys in 2006, it was the beginning...
MoreFOCA FREE 3.0.2 is a tool for carrying out processes and information gathering fingerprinting in web audit work. Free version makes finding servers,...
MoreGoogle Alerts adds RSS feed capability, giving you updated access to search results. This will pave the way for the future Diggity Hacking Alert...
MorecDc (Cult of the Dead Cow) releases a GUI driven tool for Google Hacking called Goolag.
MoreSpecifically disabled to prevent Google Hacking type techniques against Bing.
MoreWhen Google stopped issuing new Google SOAP API keys in 2006, it was the beginning of the end for all of the Google hacking tools available at the...
MoreHD Moore releases MWSearch, a tool that searches for malware executables via Google Binary Search. Using a database of digital fingerprints of known...
MoreMSNPawn - Footprinting, Profiling & Assessment with MSN Search. MSNPawn has been designed and developed on the .Net framework and must be installed...
MoreGoogle Hacking v1 released by Johnny Long
MoreGoogle Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to...
MoreSiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security...
MoreGoogle Hacking Database (GHDB) officially begins. http://www.hackersforcharity.org/ghdb/ From Johnny's blog on Oct 5, 2004: The googledorks databse...
MoreFoundstone SiteDigger v1 released. SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary...
MoreJohnny Long begins to collect interesting Google searches and labels them googleDorks.
More