[Owasp-google-hacking] Google hacking code

Christian Heinrich christian.heinrich at owasp.org
Sat Jun 12 22:09:00 EDT 2010


On Sat, Jun 12, 2010 at 6:57 PM, George Anelopolis
<george.anelopolis at gmail.com> wrote:
> As your code for the Google hacking project did not include any "work
> around" of the SOAP Search API, there is no violation of Google TOS.

I disagree as to execute the test harness (prior to its distribution)
would require OWASP to violate Google's TOS and therefore our (OWASP)
agreement with Google.

> It's highly unethical to present research at industry conferences if
> you do not wish to fully disclose the findings. It seems that Mr.
> Empeigne has made a legitimate request, and you should be doing all
> you can to assist.

I disagree as the PoC was last demonstrated well within the period
(i.e. July 2009 at SyScan'09 Singapore) prior to
and furthermore Brad has reviewed the latest slides published at the
conclusion of these the conferences to understand the Google Search
SOAP API functionality within the PoC.

Christian Heinrich - http://www.owasp.org/index.php/user:cmlh
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking

More information about the Owasp-google-hacking mailing list