January 17th, 2018 By Uladzislau Murashka
Search engines are a treasure trove of valuable sensitive information, which hackers can use for their cyber-attacks. Good news: so can penetration testers.
From a penetration tester’s point of view, all search engines can be largely divided into pen test-specific and commonly-used. The article will cover three search engines that my counterparts and I widely use as penetration testing tools. These are Google (the commonly-used) and two pen test-specific ones: Shodan and Censys.
Google
Penetration testing engineers employ Google advanced search operators for Google dork queries (or simply Google dorks). These are search strings with the following syntax: operator:search term. Further, you’ll find the list of the most useful operators for pen testers:
Full Article.
Using Search Engines as Penetration Testing Tools
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.