Google Hacking evolves (alert system)

SteveManor

Google hacking is getting a reboot. Researchers dig through the search engine with specialized queries in order to locate vulnerabilities on websites.

At the Black Hat security conference, researchers Rob Ragan and Francis Brown from security firm Stach & Liu detailed their new efforts for hacking both Google (NASDAQ: GOOG) and the Microsoft (NASDAQ: MSFT) Bing search engine. The new tools and techniques are intended to provide a rapid alert system for enterprises to help identify risk within their organizations.

The GoogleDiggity and BingDiggity projects are tools that enable users to perform security research with pre-built query strings to locate common vulnerabilities. The GoogleDiggity tool uses the Google AJAX API and Google’s custom search to deliver results.

Ragan noted that back in 2004, researcher Johnny “I Hack Stuff” Long created a Google Hacking Database, which included queries that could be used to detect potential security issues. Ragan and his colleagues are now using a similar idea to build a Bing Hacking Database for vulnerability search queries using Microsoft’s search engine.

Brown noted from an enterprise scalability perspective that it’s not practically feasible for companies to periodically Google hack themselves. But for an enterprise, it is important to have a way of knowing when they have some kind of vulnerability or information leakage as soon as possible, he argued.

The researchers have leveraged their Google hacking work to create search-engine-powered hack alerts. The approach is similar in scope to the Google Alerts system, in which users select a keyword and are then sent emails or RSS updates whenever new instances of that keyword are found.

Ragan said, “What we did is we imported our hacking query database into Google and Bing hacking alerts. So we’re looking at over 2,300 queries and getting updates via RSS as they happen.”

Brown noted that the hack alerts system will be made available as an OPML file so that others can simply import the RSS feeds into a feed reader.
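For a defender who imports such an OPML file, the useful step is narrowing thousands of feed items down to hits on the organization's own hosts. The sketch below is an added example, not code from the researchers or their tools; it assumes a standard OPML 2.0 outline and RSS 2.0 items with a `<link>` element, and every feed name, URL and domain in it is a constructed placeholder.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# NOTE: for feeds fetched from the network, parse with defusedxml instead of
# the stdlib parser, which does not guard against entity-expansion attacks.

# Constructed sample OPML 2.0 document; feed URLs are placeholders.
SAMPLE_OPML = """<opml version="2.0"><head><title>hack alerts (constructed)</title></head>
<body>
  <outline text="Alerts">
    <outline type="rss" text="alert-feed-1" xmlUrl="https://feeds.example/alert1.xml"/>
    <outline type="rss" text="alert-feed-2" xmlUrl="https://feeds.example/alert2.xml"/>
  </outline>
</body></opml>"""

# Constructed sample RSS 2.0 feed as one alert might deliver it.
SAMPLE_RSS = """<rss version="2.0"><channel><title>alert-feed-1</title>
<item><title>hit A</title><link>https://intranet.corp.example/backup/</link></item>
<item><title>hit B</title><link>https://unrelated.test/page</link></item>
<item><title>hit C</title><link>http://corp.example/admin/</link></item>
<item><title>hit D</title><link>https://notcorp.example/x</link></item>
</channel></rss>"""

def feeds_from_opml(opml_text):
    """Return (name, url) for every outline element that carries an xmlUrl."""
    root = ET.fromstring(opml_text)
    return [(o.get("text", ""), o.get("xmlUrl"))
            for o in root.iter("outline") if o.get("xmlUrl")]

def in_scope(url, own_domains):
    """True if the URL's host is one of own_domains or a subdomain of one."""
    host = (urlparse(url).hostname or "").lower()
    # Match on a label boundary so "notcorp.example" is not taken for "corp.example".
    return any(host == d or host.endswith("." + d) for d in own_domains)

def own_hits(rss_text, own_domains, seen):
    """Return new (title, link) items on own_domains; `seen` de-duplicates across polls."""
    hits = []
    for item in ET.fromstring(rss_text).iter("item"):
        link = (item.findtext("link") or "").strip()
        if link and link not in seen and in_scope(link, own_domains):
            seen.add(link)
            hits.append((item.findtext("title") or "", link))
    return hits

if __name__ == "__main__":
    print(feeds_from_opml(SAMPLE_OPML))
    print(own_hits(SAMPLE_RSS, {"corp.example"}, set()))
```

Persisting the `seen` set between polls is what turns the feed into an alert: only links that were not reported before are returned.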

In an effort to help enterprises scale and customize the hack alerts, Ragan said that his team is working on a Google desktop gadget as well.
