Hack Your Website With Google, Before Someone Else Does

toggle-button

Although web sites are a brilliant way to publish information, many site owners and operators inadvertently publish things on their web site which shouldn't really be there.  Such items include log files that could help a hacker locate private areas of the site, old backup files that aren't properly encrypted, database files, folders that can be browsed directly, and so on.  

While it can be very time-consuming for anyone to track down these files, the good news for hackers is that search engines like Google have probably already done all the hard work.  So all the hacker has to do is to use Google to search for, say, unprotected database files on a particular web site.

And that's where https://pentest-tools.com/reconnaissance/google-hacking comes in.  It's a web site containing ready-made links to all of Google's most common searches used by hackers.  So all you need to do, in order to test that your own web site isn't vulnerable, is to type in the site name and then click each of the links in turn.  The system will initiate a Google search for your own site, and include all the additional search terms that hackers might use to find forbidden content on your site.

If you run a web site, or you know someone that does, give this a try for some added peace of mind.  But if you're tempted to randomly try it against all the big commercial sites you can think of, you'd be wise not to do so without the targets' permission!

 

 

 

Please rate this article: 

Your rating: None
3.8
Average: 3.8 (5 votes)
toggle-button

Comments

It appears as though credits have to be purchased in order to use the penetration tools offered at this site so I'm confused as to how this qualifies as freeware.

P.S. The visit to the page wasn't a total waste though because their use of the term "ethical hacking" on the about page made me giggle.

Might add that if the search finds no issues that you need be warned about, it will give the usual report: "search ... did not match any documents."

When I first saw that, I thought it meant it couldn't find the website. What it means is that it can't find any of the specified problems in the website.

Well, that's not quite accurate: if you misspell the website URL -- that is, the website doesn't exist and Google can't find it -- it will still give the "did not match any documents" answer.