“Cult of the Dead Cow”, a group of hackers has released a Google Web auditing scanner called “Goolag Scanner”, that allows users to search a specific website or domain for exploitable flaws through the search engine.
The Goolag Scanner is a standalone Windows GUI-based application, is intended for website owners to audit their own web pages. It is grounded in Google scanning technology developed by a well-known hacker that goes by the name “Johnny I Hack Stuff.” Goolag is open-source and freely available for download under the GNU Affero public license.
The Goolag scanner works by sending the same queries to Google as a user would from a browser. Shipped as a Windows .NET program, it can be configured to power 1,500 embeddable Google queries for servers or an entire domain set. It then scans the pages, looking for misconfigured web servers with open backdoors, sensitive usernames and passwords, and a host of other vulnerable information.
Because Goolag is an automated program, it may run into some problems. For one, you’ll only be able to run a few queries at a time. Google has made efforts to detect and deny automated searches, which will limit the number of queries one can run. You may also run the risk of being recognized as an automated tool, and could potentially have your IP address shut down.
Source:→ SEJ
Hacj, Hacker, Goolag Scanner, Google, Vulnerability, Scanner, Tools, Hacking Tools
4 Responses | RSS comments on this post | Leave a comment»
2 Trackbacks & Pingbacks: | TrackBack URI
-
Pingback from 1» download goolag News trend site: Just another WordPress weblog says:February 26th, 2008 at 7:13 am
[...] Goolag Scanner: Google Vulnerability Scanner [...]
-
Pingback from 2Hacking » Blog Archive » Goolag Scanner: Google Vulnerability Scanner says:February 26th, 2008 at 12:14 am
[...] Read the rest of this great post here [...]
Josh, Thanks for the info. I’ve just checked and it’s full of features.
I loved goolag, I think it is great, however I have checked other vulnerability scanners as well, and I think that I would choose a commercial scan on my site rather than an open source project. maintenance and tehc support is critical here and counting on open source could be a problem.