History of major events affecting the topic of Google Hacking.
Johnny Long begins to collect interesting Google searches and labels them googleDorks.
Foundstone SiteDigger v1 released. SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
Google Hacking Database (GHDB) officially begins. http://www.hackersforcharity.org/ghdb/ From Johnny's blog on Oct 5, 2004: The googledorks databse has been renamed. The new title, the Google Hacking Database (GHDB) more accurately reflects the fact that this is more than just a hobby now. Thanks to the members of the Search Engine Hacking Forums (click here), the moderators that keep things running smoothly, and the overwhelming press around this topic, the database is literally the original and most comprehensive list of Google hacking queries on the planet. The GHDB has done so well, that we're working harder than ever to integrate it into the leading tools out there. To that end, we've ported the GHDB to work with both Athena and SiteDigger. These ports will be available shortly. Thanks for your continued support, and welcome aboard. We're glad you're here.
SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
Google Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a “Google Hack” honeypot. It is designed to provide reconaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence.
Google Hacking v1 released by Johnny Long
MSNPawn - Footprinting, Profiling & Assessment with MSN Search. MSNPawn has been designed and developed on the .Net framework and must be installed on the system. The following utilities have been bundled with MSNPawn: MSNHostFP - Supply an IP Address or IP Address range to fetch all possible virtual hosts or application running on each IP addresses. MSNDomainFP - Supply a domain name to fetch the top 50 child domains, considering the supplied domain name as parent. MSNCrossDomainFP - Supply an application domain to fetch the top 50 domains pointing to this particular domain on the Internet. MSNCrawler - Supply a domain or application name to fetch all possible links crawled by the search engine. MSNFetch - Supply a domain and rules file. The tool will run each rule in the file against the domain specified and fetch the first five results of the resultant query. This can help in assessing an application. Search.MSN - Provides place to run your search against MSN and gather all URLs. MSNPawn White Paper: http://net-square.com/msnpawn/MSNPawn_research_usage.pdf
HD Moore releases MWSearch, a tool that searches for malware executables via Google Binary Search. Using a database of digital fingerprints of known malware--called "signatures"--the Malware Search tool uses the popular search engine to find a number of known worms and viruses. It was developed by HD Moore, the researcher best known as the developer of the widely used Metasploit hacking tool. http://www.pcworld.com/article/126450/new_tool_searches_google_for_malware.html http://djtechnocrat.blogspot.com/2006/07/mwsearch-finding-malware-with-google.html
When Google stopped issuing new Google SOAP API keys in 2006, it was the beginning of the end for all of the Google hacking tools available at the time. The Google SOAP API was interface that hacking tools used to make Google queries. These tools hobbled along with partial functionality until Sept 2009 when Google closed down the Google SOAP API entirely. Because of this, the art of Google hacking and technique/tool development was pretty much stagnant from 2006-2009.
Specifically disabled to prevent Google Hacking type techniques against Bing.
