Search the site:
(New search engine!!)

Google hacking

Hackers can use Google to find potentially vulnerable sites, there are examples of credit card information being indexed but there are many other and much more common problems. Currently some sites publish signatures of more than 800 security problems that could be discovered by Google hacking.

Even worms can use this technique. The Santy worm used a flaw in the popular bulletin board phpBB to spread. The worm searched Google for sites using the vulnerable version.

Now there is a free tool that you can use to test your site's vulnerability, it's called SiteDigger2.0 (from McAfee) and it can be downloaded here.

Follow the instructions for getting a Google API license key and then just run the check. SiteDigger will generate a HTML presentation of what it finds.

SiteDigger is free and the site check only takes a few minutes, so why not test your site(s) right away?!

- Michael Ahgren