Lord of the Bing
Taking Back Search Engine Hacking From Google and Bing
29 July 2010
Presented by:
Francis Brown and Rob Ragan
Stach & Liu, LLC
www.stachliu.com
Goals
DROP KNOWLEDGE ON YOU
• To improve Google Hacking
• Attacks and defenses
• Advanced tools and techniques
• To think differently about exposures in publicly available sources
• To blow your mind!
Google/Bing Hacking
SEARCH ENGINE ATTACKS
Attack Targets
GOOGLE HACKING DATABASE
• Advisories and Vulnerabilities (215)
• Error Messages (58)
• Files containing juicy info (230)
• Files containing passwords (135)
• Files containing usernames (15)
• Footholds (21)
• Pages containing login portals (232)
• Pages containing network or vulnerability data (59)
• Sensitive Directories (61)
• Sensitive Online Shopping Info (9)
• Various Online Devices (201)
• Vulnerable Files (57)
• Vulnerable Servers (48)
• Web Server Detection (72)
Attack Targets
GOOGLE HACKING DATABASE
Old School Examples
• Error Messages
• filetype:asp + "[ODBC SQL"
• "Warning: mysql_query()" "invalid query"
• Files containing passwords
• inurl:passlist.txt
New Toolkit
STACH & LIU TOOLS
Google Diggity
• Uses Google AJAX API
• Not blocked by Google bot detection
• Does not violate Terms of Service
• Can leverage
Bing Diggity
• Uses Bing 2.0 SOAP API
• Company/Webapp Profiling
• Enumerate: URLs, IP-to-virtual hosts, etc.
• Bing Hacking Database (BHDB)
• Vulnerability search queries in Bing format
New Toolkit
STACH & LIU TOOLS
GoogleScrape Diggity
• Uses Google mobile interface
• Light-weight, no advertisements
• Violates Terms of Service
• Bot detection avoidance
• Distributed via proxies
• Spoofs User-agent and Referer headers
• Random &userip= value
• Across Google servers
New Hack Databases
ATTACK QUERIES
BHDB – Bing Hacking Data Base
• First ever Bing hacking database
• Bing hacking limitations
• Disabled inurl:, link: and linkdomain: directives in March 2007
• No support for ext:, allintitle:, allinurl:
• Limited filetype: functionality
• Only 12 extensions supported
Example - Bing vulnerability search:
• GHDB query
• "allintitle:Netscape FastTrack Server Home Page"
• BHDB version
• intitle:"Netscape FastTrack Server Home Page"
New Hack Databases
ATTACK QUERIES
SLDB - Stach & Liu Data Base
• New Google/Bing hacking searches in active development by the S&L team
SLDB Examples
• ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential
• filetype:sql "insert into" (pass|passwd|password)
• !Host=*.* intext:enc_UserPassword=* ext:pcf
• "your password is" filetype:log
DEMO
NEW GOOGLE HACKING TOOLS
Traditional Defenses
GOOGLE HACKING DEFENSES
• “Google Hack yourself” organization
• Employ tools and techniques used by hackers
• Remove info leaks from Google cache
• Using Google Webmaster Tools
• Regularly update your robots.txt.
• Or robots meta tags for individual page exclusion
• Data Loss Prevention/Extrusion Prevention Systems
• Free Tools: OpenDLP, Senf
• Policy and Legal Restrictions
Advanced Defenses
PROTECT YO NECK
Existing Defenses
“HACK YOURSELF”
Multi-engine results
Real-time updates
Convenient
Historical archived data
Multi-domain searching
Tools exist
Advanced Defenses
NEW HOT SIZZLE
Stach & Liu now proudly presents:
• Google Hacking Alerts
• Bing Hacking Alerts
Google Hacking Alerts
ADVANCED DEFENSES
• All hacking database queries using
• Real-time vuln updates to >2400 hack queries via RSS
• Organized and available via importable file
Bing Hacking Alerts
ADVANCED DEFENSES
• Bing searches with regexes from BHDB
• Leverage &format=rss directive to turn into update feeds
• Real-time vuln updates to >900 Bing hack queries via RSS
Bing/Google Alerts
THICK CLIENTS TOOLS
Google/Bing Hacking Alert Thick Clients
• Google/Bing Alerts RSS feeds as input
• Allow user to set one or more filters
• e.g. “yourcompany.com” in the URL
• Several thick clients being released:
• Google Desktop Gadget
• OS independent client
• Droid app (coming soon)
DEMO
ADVANCED DEFENSE TOOLS
New Defenses
“GOOGLE/BING HACK ALERTS”
Multi-engine results
Real-time updates
Convenient
Historical archived data
Multi-domain searching
Tools exist
Google Apps Explosion
SO MANY APPLICATIONS TO ABUSE
Google PhoneBook
SPEAR PHISHING
Google Code Search
VULNS IN OPEN SOURCE CODE
• Regex search for vulnerabilities in public code
• Example: SQL Injection in ASP querystring
• select.*from.*request.QUERYSTRING
DEMO
GOOGLE CODE SEARCH HACKING
Black Hat SEO
SEARCH ENGINE OPTIMIZATION
• Use popular search topics du jour
• Pollute results with links to badware
• Increase chances of a successful attack
Google Trends
BLACK HAT SEO RECON
Defenses
BLACK HAT SEO DEFENSES
• Malware Warning Filters
• Google Safe Browsing
• Microsoft SmartScreen Filter
• Yahoo Search Scan
• Sandbox Software
• Sandboxie (sandboxie.com)
• Dell KACE - Secure Browser
• Office 2010 (Protected Mode)
• Adobe Reader Sandbox (Protected Mode)
• No-script and Ad-block browser plugins
Mass Injection Attacks
MALWARE GONE WILD
Malware Distribution Woes
• Popular websites victimized, become malware distribution sites to their own customers
Malware Browser Filters
URL BLACKLIST
Protecting users from known threats
• Joint effort to protect customers from known malware and phishing links
Inconvenient Truth
DICKHEAD ALERTS
Malware Black List Woes
• Average web administrator has no idea when their site gets black listed
Advanced Defenses
PROTECT YO NECK
Malware Diggity
ADVANCED DEFENSES
• Uses Bing’s linkfromdomain: directive to identify off-site links of the domain(s) you wish to monitor
• Compares to known malware sites/domains
• Alerts if site is compromised and now distributing malware
Malware Diggity Alerts
• Leverages the Bing ‘&format=rss’ directive, to actively monitor new off-site links of your site as they appear
• Immediately lets you know if you have been compromised by one of these mass injection attacks or if your site has been black listed
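The filter step of the alert thick clients ("yourcompany.com" in the URL) and the compare-to-blacklist step of Malware Diggity, as an added example that is not Stach & Liu's tool code. It runs on constructed RSS text; the feed layout, function names, sample domains and blocklist are all assumptions.

```python
"""Added example: defender-side triage of alert feeds (all data constructed)."""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: items from a hacking-alert feed (hits for hack-database queries).
ALERT_FEED = """<rss version="2.0"><channel><title>constructed alert feed</title>
<item><title>passlist</title><link>http://intranet.yourcompany.com/old/passlist.txt</link></item>
<item><title>sql dump</title><link>http://yourcompany.com.mirror.example/db.sql</link></item>
<item><title>log</title><link>http://other.example/view?u=yourcompany.com</link></item>
</channel></rss>"""

# Constructed sample: links found on the monitored site (on-site and off-site).
OFFSITE_FEED = """<rss version="2.0"><channel><title>constructed link feed</title>
<item><title>partner</title><link>http://www.partner.example/</link></item>
<item><title>widget</title><link>http://cdn.bad-domain.example/w.js</link></item>
<item><title>self</title><link>http://www.yourcompany.com/about</link></item>
</channel></rss>"""

MY_DOMAINS = {"yourcompany.com"}    # domains you own and monitor
BLOCKLIST = {"bad-domain.example"}  # constructed stand-in for a malware domain list


def feed_links(rss_text):
    """Return the <link> of every <item> in an RSS 2.0 document."""
    # ElementTree is not hardened against malicious XML; for feeds you do
    # not control, swap in a hardened parser such as defusedxml.
    root = ET.fromstring(rss_text)
    links = []
    for item in root.iter("item"):
        link = (item.findtext("link") or "").strip()
        if link:
            links.append(link)
    return links


def host_of(url):
    """Lower-cased hostname of a URL, without a trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".")


def in_domains(host, domains):
    """True if host equals a listed domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def naive_filter(rss_text, needle):
    """Substring filter: also matches look-alike hosts and query strings."""
    return [u for u in feed_links(rss_text) if needle in u]


def own_exposures(rss_text, my_domains):
    """Alert-feed hits whose host really belongs to one of your domains."""
    return [u for u in feed_links(rss_text) if in_domains(host_of(u), my_domains)]


def malware_links(rss_text, my_domains, blocklist):
    """Off-site links of the monitored site that point at blocklisted hosts."""
    hits = []
    for url in feed_links(rss_text):
        host = host_of(url)
        if in_domains(host, my_domains):
            continue  # on-site link, not an off-site reference
        if in_domains(host, blocklist):
            hits.append(url)
    return hits


if __name__ == "__main__":
    print("naive  :", naive_filter(ALERT_FEED, "yourcompany.com"))
    print("strict :", own_exposures(ALERT_FEED, MY_DOMAINS))
    print("malware:", malware_links(OFFSITE_FEED, MY_DOMAINS, BLOCKLIST))
```

The substring filter reports all three alert items, while matching on the hostname at a label boundary keeps only the one that is actually on your domain.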
Malware Monitoring
INFECTION DETECTION
• Identify External Links
• Identify Incoming Links
• Compare to Black List
• Detect Infections
• Alert
Search Engine deOptimization
BLACKLIST YOUR FOES
• Identify Malware Links
• Mass Inject Competition
• Competition Black Listed
• Competition PageRank is 0
• Profit
Future Direction
PREDICTIONS
Predictions
FUTURE DIRECTIONS
Data Explosion
• More data indexed, searchable
• Real-time, streaming updates
• Faster, more robust search interfaces
Google Involvement
• Filtering of search results
• Better GH detection and tool blocking
Renewed Tool Dev
• Google Ajax API based
• Bing/Yahoo/other engines
• Search engine aggregators
• Google Code and Other Open Source Repositories
• MS CodePlex, SourceForge, …
• More automation in tools
• Real-time detection and exploitation
• Google worms
Real-time Updates
FUTURE DIRECTIONS
Questions?
Ask us something
We’ll try to answer it.
For more info:
Email: contact@stachliu.com
Project: diggity@stachliu.com
Stach & Liu, LLC
www.stachliu.com
Thank You
Stach & Liu Google Hacking Diggity Project info:
http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/

What is Continuous Testing in DevOps - A Definitive Guide.pdf
 
bgiolcb
bgiolcbbgiolcb
bgiolcb
 
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
一比一原版(sdsu毕业证书)圣地亚哥州立大学毕业证如何办理
 
WMF 2024 - Unlocking the Future of Data Powering Next-Gen AI with Vector Data...
WMF 2024 - Unlocking the Future of Data Powering Next-Gen AI with Vector Data...WMF 2024 - Unlocking the Future of Data Powering Next-Gen AI with Vector Data...
WMF 2024 - Unlocking the Future of Data Powering Next-Gen AI with Vector Data...
 
一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理一比一原版(USF毕业证)旧金山大学毕业证如何办理
一比一原版(USF毕业证)旧金山大学毕业证如何办理
 

Lord of the Bing: Taking Back Search Engine Hacking From Google and Bing

  • 1. Lord of the Bing: Taking Back Search Engine Hacking From Google and Bing. 29 July 2010. Presented by: Francis Brown and Rob Ragan, Stach & Liu, LLC, www.stachliu.com
  • 2.
  • 3. Goals (DROP KNOWLEDGE ON YOU) • To improve Google Hacking • Attacks and defenses • Advanced tools and techniques • To think differently about exposures in publicly available sources • To blow your mind!
  • 4. Google/Bing Hacking (SEARCH ENGINE ATTACKS)
  • 5. Attack Targets (GOOGLE HACKING DATABASE) • Advisories and Vulnerabilities (215) • Error Messages (58) • Files containing juicy info (230) • Files containing passwords (135) • Files containing usernames (15) • Footholds (21) • Pages containing login portals (232) • Pages containing network or vulnerability data (59) • Sensitive Directories (61) • Sensitive Online Shopping Info (9) • Various Online Devices (201) • Vulnerable Files (57) • Vulnerable Servers (48) • Web Server Detection (72)
  • 6. Attack Targets (GOOGLE HACKING DATABASE) Old School Examples: • Error Messages • filetype:asp + "[ODBC SQL" • "Warning: mysql_query()" "invalid query" • Files containing passwords • inurl:passlist.txt
  • 7. New Toolkit (STACH & LIU TOOLS)
      Google Diggity: • Uses Google AJAX API • Not blocked by Google bot detection • Does not violate Terms of Service • Can leverage
      Bing Diggity: • Uses Bing 2.0 SOAP API • Company/Webapp Profiling • Enumerate: URLs, IP-to-virtual hosts, etc. • Bing Hacking Database (BHDB) • Vulnerability search queries in Bing format
  • 8. New Toolkit (STACH & LIU TOOLS) GoogleScrape Diggity: • Uses Google mobile interface • Light-weight, no advertisements • Violates Terms of Service • Bot detection avoidance • Distributed via proxies • Spoofs User-agent and Referer headers • Random &userip= value • Across Google servers
  • 9. New Hack Databases (ATTACK QUERIES)
      BHDB – Bing Hacking Data Base: • First ever Bing hacking database • Bing hacking limitations • Disabled inurl:, link: and linkdomain: directives in March 2007 • No support for ext:, allintitle:, allinurl: • Limited filetype: functionality • Only 12 extensions supported
      Example - Bing vulnerability search: • GHDB query • "allintitle:Netscape FastTrack Server Home Page" • BHDB version • intitle:"Netscape FastTrack Server Home Page"
  • 10. New Hack Databases (ATTACK QUERIES)
      SLDB - Stach & Liu Data Base: • New Google/Bing hacking searches in active development by the S&L team
      SLDB Examples: • ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential • filetype:sql "insert into" (pass|passwd|password) • !Host=*.* intext:enc_UserPassword=* ext:pcf • "your password is" filetype:log
  • 11. DEMO (NEW GOOGLE HACKING TOOLS)
  • 12. Traditional Defenses (GOOGLE HACKING DEFENSES) • “Google Hack yourself” organization • Employ tools and techniques used by hackers • Remove info leaks from Google cache • Using Google Webmaster Tools • Regularly update your robots.txt. • Or robots meta tags for individual page exclusion • Data Loss Prevention/Extrusion Prevention Systems • Free Tools: OpenDLP, Senf • Policy and Legal Restrictions
  • 13. Traditional Defenses (GOOGLE HACKING DEFENSES) • “Google Hack yourself” organization • Employ tools and techniques used by hackers • Remove info leaks from Google cache • Using Google Webmaster Tools • Regularly update your robots.txt. • Or robots meta tags for individual page exclusion • Data Loss Prevention/Extrusion Prevention Systems • Free Tools: OpenDLP, Senf • Policy and Legal Restrictions
  • 14. Advanced Defenses (PROTECT YO NECK)
  • 15. Existing Defenses (“HACK YOURSELF”) • Multi-engine results • Real-time updates • Convenient • Historical archived data • Multi-domain searching • Tools exist
  • 16. Advanced Defenses (NEW HOT SIZZLE) Stach & Liu now proudly presents: • Google Hacking Alerts • Bing Hacking Alerts
  • 17. Google Hacking Alerts (ADVANCED DEFENSES) • All hacking database queries using • Real-time vuln updates to >2400 hack queries via RSS • Organized and available via importable file
  • 18. Google Hacking Alerts (ADVANCED DEFENSES)
  • 19. Bing Hacking Alerts (ADVANCED DEFENSES) • Bing searches with regexes from BHDB • Leverage &format=rss directive to turn into update feeds • Real-time vuln updates to >900 Bing hack queries via RSS
  • 20. Bing/Google Alerts (THICK CLIENTS TOOLS) Google/Bing Hacking Alert Thick Clients: • Google/Bing Alerts RSS feeds as input • Allow user to set one or more filters • e.g. “yourcompany.com” in the URL • Several thick clients being released: • Google Desktop Gadget • OS independent client • Droid app (coming soon)
  • 21. DEMO (ADVANCED DEFENSE TOOLS)
  • 22. New Defenses (“GOOGLE/BING HACK ALERTS”) • Multi-engine results • Real-time updates • Convenient • Historical archived data • Multi-domain searching • Tools exist
  • 23. Google Apps Explosion (SO MANY APPLICATIONS TO ABUSE)
  • 24. Google PhoneBook (SPEAR PHISHING)
  • 25. Google Code Search (VULNS IN OPEN SOURCE CODE) • Regex search for vulnerabilities in public code • Example: SQL Injection in ASP querystring • select.*from.*request.QUERYSTRING
  • 26. DEMO (GOOGLE CODE SEARCH HACKING)
  • 27. Google Code Search (VULNS IN OPEN SOURCE CODE)
  • 28. Google Code Search (VULNS IN OPEN SOURCE CODE)
  • 29. Black Hat SEO (SEARCH ENGINE OPTIMIZATION) • Use popular search topics du jour • Pollute results with links to badware • Increase chances of a successful attack
  • 30. Google Trends (BLACK HAT SEO RECON)
  • 31. Defenses (BLACK HAT SEO DEFENSES) • Malware Warning Filters • Google Safe Browsing • Microsoft SmartScreen Filter • Yahoo Search Scan • Sandbox Software • Sandboxie (sandboxie.com) • Dell KACE - Secure Browser • Office 2010 (Protected Mode) • Adobe Reader Sandbox (Protected Mode) • No-script and Ad-block browser plugins
  • 32. Mass Injection Attacks (MALWARE GONE WILD) Malware Distribution Woes: • Popular websites victimized, become malware distribution sites to their own customers
  • 33. Malware Browser Filters (URL BLACKLIST) Protecting users from known threats: • Joint effort to protect customers from known malware and phishing links
  • 34. Inconvenient Truth (DICKHEAD ALERTS) Malware Black List Woes: • Average web administrator has no idea when their site gets black listed
  • 35. Advanced Defenses (PROTECT YO NECK)
  • 36. Malware Diggity (ADVANCED DEFENSES)
      Malware Diggity: • Uses Bing’s linkfromdomain: directive to identify off-site links of the domain(s) you wish to monitor • Compares to known malware sites/domains • Alerts if site is compromised and now distributing malware
      Malware Diggity Alerts: • Leverages the Bing ‘&format=rss’ directive, to actively monitor new off-site links of your site as they appear • Immediately lets you know if you have been compromised by one of these mass injection attacks or if your site has been black listed
  • 37. Malware Diggity (ADVANCED DEFENSES)
  • 38. Malware Diggity (ADVANCED DEFENSES)
  • 39.
  • 40. Malware Monitoring (INFECTION DETECTION) • Identify External Links • Identify Incoming Links • Compare to Black List • Detect Infections • Alert
  • 41. Search Engine deOptimization (BLACKLIST YOUR FOES) • Identify Malware Links • Mass Inject Competition • Competition Black Listed • Competition PageRank is 0 • Profit
  • 42. Future Direction (PREDICTIONS)
  • 43. Predictions (FUTURE DIRECTIONS)
      Data Explosion: • More data indexed, searchable • Real-time, streaming updates • Faster, more robust search interfaces
      Google Involvement: • Filtering of search results • Better GH detection and tool blocking
      Renewed Tool Dev: • Google Ajax API based • Bing/Yahoo/other engines • Search engine aggregators • Google Code and Other Open Source Repositories • MS CodePlex, SourceForge, … • More automation in tools • Real-time detection and exploitation • Google worms
  • 44. Real-time Updates (FUTURE DIRECTIONS)
  • 45. Questions? Ask us something. We’ll try to answer it. For more info: Email: contact@stachliu.com; Project: diggity@stachliu.com. Stach & Liu, LLC, www.stachliu.com
  • 46. Thank You. Stach & Liu Google Hacking Diggity Project info: http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/
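
The monitoring loop outlined on slides 19-20 and 36-40 (search results delivered as RSS, filtered by domain, off-site links compared against known malware domains, then an alert), as an added Python example that is not Stach & Liu's code. The feed, the domains and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample feed standing in for search results fetched as RSS;
# every host uses a reserved .example/.test name.
SAMPLE_RSS = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>constructed sample</title>
<item><title>Partner page</title><link>http://partner.example/about</link></item>
<item><title>Injected script</title><link>http://cdn.badware.test/x.js</link></item>
<item><title>Own page</title><link>https://www.yourcompany.example/news</link></item>
<item><title>Broken entry</title><link>not a url</link></item>
<item><title>Case and port</title><link>HTTP://BadWare.test:8080/a</link></item>
</channel></rss>"""

MONITORED = {"yourcompany.example"}   # hypothetical domain being monitored
BLOCKLIST = {"badware.test"}          # hypothetical known-malware domains

def host_of(url):
    """Lower-cased hostname of an http(s) URL, or None if it has none."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None
    return parts.hostname.rstrip(".") if parts.hostname else None

def in_domains(host, domains):
    """True if host equals a listed domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def flag_offsite_links(rss_text, monitored, blocklist):
    """Return (title, url, host) for off-site links that hit the blocklist."""
    # ElementTree is fine for this inline sample; for feeds pulled from the
    # network, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(rss_text)
    alerts = []
    for item in root.iter("item"):
        url = (item.findtext("link") or "").strip()
        host = host_of(url)
        if host is None or in_domains(host, monitored):
            continue  # unparseable entry or an on-site link
        if in_domains(host, blocklist):
            alerts.append((item.findtext("title"), url, host))
    return alerts

if __name__ == "__main__":
    for title, url, host in flag_offsite_links(SAMPLE_RSS, MONITORED, BLOCKLIST):
        print(f"ALERT {host}: {title} -> {url}")
```

Matching on the parsed hostname rather than on a substring of the URL keeps a host such as notbadware.test, or a blocklisted name that appears only in a path, from raising a false alert.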