Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users dont realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hackers search.

Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage.

*First book about Google targeting IT professionals and security leaks through web browsing.

*Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black

Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic.

*Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.

This guide describes techniques the bad guys use to locate sensitive information about an individual or company, particularly the specific ways Google searches can discover forgotten network systems and devices that have fallen off the radar of overworked administrators. The author, who maintains johnny.ihackstuff.com, recommends writing a sound security policy, securing a web site from Google's crawlers, and checking Google exposure with automated tools. Distributed in the U.S. by O'Reilly.
Annotation ©2004 Book News, Inc., Portland, OR (booknews.com)

Google Hacking for Penetration Testers explores the explosive growth of a technique known as Google Hacking. This simple tool can be bent by hackers and those with malicious intents to find hidden information, break into sites, and access supposedly secure information. Borrowing the techniques pioneered by malicious Google hackers, this book aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage. The sophistication and functionality of Google searches has resulted in several publications boasting Google's superiority to other search engines, providing tips, tricks and even hacks for novice, intermediate, and advanced Internet users. However few of these publications even mention security, and none are written with the IT professional's security tasks in mind. This book not only explores the more obscure and compound features of Google, but it educates the reader how to protect himself against the hacking muscle that this supreme search engine has become. Google.com domain continues to distance itself from the competition and has reached an all-time high in U.S. search referral market share. As of March 23, 2004, Google.com posted a U.S.search referral percentage of nearly 41 percent. Second place competitor and former leading search referral domain, Yahoo.com, posted a referral percentage of 27.40 percent. Google's market dominance is due in large part to the detail, sophistication, and accuracy of the results it provides. These same factors that make Google so useful to the everyday Web surfer are the same ones that make it so dangerous in the hands of a malicious hacker.

Johnny Long is a professional hacker and security researcher for Computer Sciences Corporation. Johnny has written or contributed to several books, including Google Hacking for Penetration Tester from Syngress Publishing, which has secured rave reviews.