[Owasp-board] Fwd: Google Hacking Inquiry

dinis cruz dinis.cruz at owasp.org
Fri Aug 20 11:44:25 UTC 2010

Board, FYI (see below) the GPC guys have chosen to NOT address the issue of
the GHP deliverables quality, which is a missed oportunity.

We will still need to address that problem. Any ideas on who should do it?

Dinis Cruz

Begin forwarded message:

*From:* Brad Causey <bradcausey at owasp.org>
*Date:* 19 August 2010 15:32:30 GMT+01:00
*To:* Christian Heinrich <christian.heinrich at owasp.org>
*Cc:* Jason Li <jason.li at owasp.org>, dinis cruz <dinis.cruz at owasp.org>
*Subject:* *Re: Google Hacking Inquiry*
*Reply-To:* bradcausey at owasp.org


Just so you know, the quality of your code is not in question as part of
this inquiry.

-Brad Causey

"Si vis pacem, para bellum"

On Thu, Aug 19, 2010 at 1:08 AM, Christian Heinrich <
christian.heinrich at owasp.org> wrote:

> Brad and Jason,
> I have sent "Brad" a list of non threatening questions based on the
> e-mail he sent to Dinis Cruz which started the inquiry.
> The e-mail from "Steven" had nothing further as far as I can tell and
> I had already addressed what was presented at RUXCON i.e.
> https://lists.owasp.org/pipermail/owasp-australia/2008-November/000151.html
> Can you please let me know if there is anything else I can do to
> assist your efforts?
> ---------- Forwarded message ----------
> From: Christian Heinrich <christian.heinrich at owasp.org>
> Date: Thu, Aug 19, 2010 at 3:45 PM
> Subject: Re: Your Concern?
> To: Brad Empeigne <brad.empeigne at gmail.com>
> Brad,
> I need further information on the following to assist with the inquiry:
> >> As someone who is comfortable with Perl i must admit that I'm
> >> surprised by how basic this code is and it does look rather
> >> amateurish.
> Can you please outline how it does not conform to Perl Best Practices
> and CPAN Script Standard?
> >> Not only that but the general concept of the code is
> >> simple too since it appears to just be a google cache search and not
> >> much more?
> How did I not meet your expectation based on your review of the slidedeck?
> >> To be frank it looks like a couple of hours of work and it
> >> maybe belongs as some example code referenced on a wiki page after
> >> being tidied up, but thats about it. i am sorry to say that it is far
> >> from worthy of being presented at multiple international conferences
> >> and the publicity this has received is not warranted.
> In your opinion, why is the OWASP methodology inferior to the GHDB ?
> What publicity did I receive or seek from it's presentation at SyScan,
> RUXCON or SecTor?
> --
> Regards,
> Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
> OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20100820/0568c7a9/attachment-0002.html>

More information about the Owasp-board mailing list