article

Using google hacking to enhance defense strategies

Authors:

Lisa Lancor,

Robert WorkmanAuthors Info & Claims

ACM SIGCSE Bulletin, Volume 39, Issue 1

Pages 491 - 495

https://doi.org/10.1145/1227504.1227475

Published: 07 March 2007 Publication History

Get Access

Abstract

This paper provides a description of how the topic of Google hacking was incorporated into a graduate course on web security which was offered in the Fall of 2005. It begins by providing an overview of Google hacking and describes what it is, how it is used, and most importantly how to defend against it. The paper then describes a series of exercises that students must complete providing them with hands-on Google hacking strategies, techniques and countermeasures.

References

[1]

Delaney, K, Identity Theft Made Easier. Wall Street Journal (Mar. 29 2005), P. B1.

Google Scholar

[2]

http://johnny.ihackstuff.com/

Google Scholar

[3]

http://www.google.com/terms_of_service.html

Google Scholar

[4]

http://www.cgisecurity.com/lib/Rise-of-the-robots.txt

Google Scholar

[5]

http://www.sans.org/resources/policies/

Google Scholar

[6]

http://www.foundstone.com/

Google Scholar

[7]

Long, J. Google Hacking for Penetration Testers, Syngress Publishing, Rockland, MA, 2005.

Digital Library

Google Scholar

[8]

McMillan, R. Google hacking; What started as a joke builds into a movement. Network World, (Sept 5, 2005), p1.

Google Scholar

[9]

Palmer, C., Ethical Hacking. IBM Systems Journal, Vol 40, No 3, 2001.

Digital Library

Google Scholar

Cited By

View all

Dadkhah MBorchardt GLagzian M(2016)Do You Ignore Information Security in Your Journal Website?Science and Engineering Ethics10.1007/s11948-016-9849-z23:4(1227-1231)Online publication date: 24-Nov-2016
https://doi.org/10.1007/s11948-016-9849-z
Soska KChristin NFu K(2014)Automatically detecting vulnerable websites before they turn maliciousProceedings of the 23rd USENIX conference on Security Symposium10.5555/2671225.2671265(625-640)Online publication date: 20-Aug-2014
https://dl.acm.org/doi/10.5555/2671225.2671265
McGuffee JHanebutte N(2013)Google hacking as a general education toolJournal of Computing Sciences in Colleges10.5555/2458539.245855328:4(81-85)Online publication date: 1-Apr-2013
https://dl.acm.org/doi/10.5555/2458539.2458553
Show More Cited By

Index Terms

Using google hacking to enhance defense strategies
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Using google hacking to enhance defense strategies
SIGCSE '07: Proceedings of the 38th SIGCSE technical symposium on Computer science education

This paper provides a description of how the topic of Google hacking was incorporated into a graduate course on web security which was offered in the Fall of 2005. It begins by providing an overview of Google hacking and describes what it is, how it is ...
Evaluation of Google hacking
InfoSecCD '08: Proceedings of the 5th annual conference on Information security curriculum development

Google Hacking uses the Google search engine to locate sensitive information or to find vulnerabilities that may be exploited. This paper evaluates how much effort it takes to get Google Hacking to work and how serious the threat of Google Hacking is. ...
Exploring Defense of SQL Injection Attack in Penetration Testing

SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACM SIGCSE Bulletin Volume 39, Issue 1

March 2007

581 pages

ISSN:0097-8418

DOI:10.1145/1227504

Issue’s Table of Contents

SIGCSE '07: Proceedings of the 38th SIGCSE technical symposium on Computer science education
March 2007
634 pages
ISBN:1595933611
DOI:10.1145/1227310
General Chairs:
Ingrid Russell
University of Hartford
,
Susan Haller
SUNY Potsdam
,
Program Chairs:
J. D. Dougherty
Haverford College
,
Susan Rodger
Duke University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 March 2007

Published in SIGCSE Volume 39, Issue 1

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
3,020
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Dadkhah MBorchardt GLagzian M(2016)Do You Ignore Information Security in Your Journal Website?Science and Engineering Ethics10.1007/s11948-016-9849-z23:4(1227-1231)Online publication date: 24-Nov-2016
https://doi.org/10.1007/s11948-016-9849-z
Soska KChristin NFu K(2014)Automatically detecting vulnerable websites before they turn maliciousProceedings of the 23rd USENIX conference on Security Symposium10.5555/2671225.2671265(625-640)Online publication date: 20-Aug-2014
https://dl.acm.org/doi/10.5555/2671225.2671265
McGuffee JHanebutte N(2013)Google hacking as a general education toolJournal of Computing Sciences in Colleges10.5555/2458539.245855328:4(81-85)Online publication date: 1-Apr-2013
https://dl.acm.org/doi/10.5555/2458539.2458553
van Heerden RIrwin BBurke ILeenen L(2012)A Computer Network Attack Taxonomy and OntologyInternational Journal of Cyber Warfare and Terrorism10.4018/ijcwt.20120701022:3(12-25)Online publication date: 1-Jul-2012
https://doi.org/10.4018/ijcwt.2012070102
Billig JDanilchenko YFrank C(2008)Evaluation of Google hackingProceedings of the 5th annual conference on Information security curriculum development10.1145/1456625.1456634(27-32)Online publication date: 26-Sep-2008
https://dl.acm.org/doi/10.1145/1456625.1456634
Thapa RGoyal AGoyal AVerma V(2022)Amelioration of Security Protocols from the outset of technology to present moment2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE)10.1109/ICACITE53722.2022.9823517(2612-2617)Online publication date: 28-Apr-2022
https://doi.org/10.1109/ICACITE53722.2022.9823517
Toffalini FAbbí MCarra DBalzarotti D(2016)Google DorksProceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Volume 972110.1007/978-3-319-40667-1_13(255-275)Online publication date: 7-Jul-2016
https://dl.acm.org/doi/10.1007/978-3-319-40667-1_13
Kam HPauli J(2011)Work in progress -- Web penetration testingProceedings of the 2011 Frontiers in Education Conference10.1109/FIE.2011.6142873(F3G-1-1-F3G-3)Online publication date: 12-Oct-2011
https://dl.acm.org/doi/10.1109/FIE.2011.6142873
Moore TClayton R(2009)Evil SearchingFinancial Cryptography and Data Security10.1007/978-3-642-03549-4_16(256-272)Online publication date: 21-Jul-2009
https://dl.acm.org/doi/10.1007/978-3-642-03549-4_16
Abad C(2008)Learning through creating learning objectsACM SIGCSE Bulletin10.1145/1597849.138434040:3(255-259)Online publication date: 30-Jun-2008
https://dl.acm.org/doi/10.1145/1597849.1384340
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Using google hacking to enhance defense strategies

Evaluation of Google hacking

Exploring Defense of SQL Injection Attack in Penetration Testing