[Owasp-leaders] BlackHat - "Pulp Google Hacking:The Next Generation Search Engine Hacking Arsenal"

Christian Heinrich christian.heinrich at owasp.org
Mon Aug 1 18:13:45 EDT 2011


Fran Brown and Rob Ragan are presenting tomorrow (3 August) at 4:45PM
at BlackHat i.e.
http://www.blackhat.com/html/bh-us-11/bh-us-11-schedule.html

The major benefit of
https://www.owasp.org/index.php/Testing:_Search_engine_discovery/reconnaissance_(OWASP-IG-002)
over the GHDB is that the Search Results aren't limited to the false
positives from the GHDB, rather the OWASP alternative discovers all
possible technical vulnerabilities and information leakage, such as
information not intended to be made public by reversing the display
order of the search results. I also pioneered the use of Google Alerts
to automate this process i.e. mentioned ~40:55 within
http://video.google.com/videoplay?docid=5419982525671711780.

Since I don't attend BlackHat or DefCon by I would appreciate it if
someone could attend their session and highlight the benefits of our
approach .


-- 
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the OWASP-Leaders mailing list