The Google Hacking Database: A Key Resource to Exposing Vulnerabilities

We all know the power of Google—or do we? Two types of people use Google: normal users like you and me, and the not-so-normal users—the hackers. What types of information can hackers collect from Google? How severe is the damage they can cause? Is there a way to circumvent this hacking? As a security tester, Kiran Karnad uses the GHDB (Google Hacking Database) to ensure their product will not be the next target for hackers. Kiran describes how to effectively use Google the way hackers do, using advanced operators, locating exploits and finding targets, network mapping, finding user names and passwords, and other secret stuff. Kiran provides a recipe of five simple security searches that work. Learn how to automate the Google Hacking Database using Python so security tests can be incorporated as a part of the SDLC for the next product you develop.

Kiran Karnad, MIMOS Berhad

After more than sixteen years in software testing and implementation, Kiran Karnad found his true calling in penetration testing. Proudly calling himself a hands-on lead for information security, Kiran has worked with several Fortune 500 companies and mentored software test teams in multiple geographies. Currently leading the functional and security efforts at MIMOS, Kiran strives to identify process improvement opportunities throughout the organization and to implement them effectively.

Related Sessions

Automated Testing of a Dynamically Configurable System

Succeeding with Mobile Test Automation – Functional and Performance Testing Strategies

Best Practices, Key Considerations and Pitfalls in Mobile Testing

Get Testing Help from the Crowd

Testing to Detect Problems that Will Hurt the Bottom Line

Create a One-Page Capacity Model for High-Traffic Web Applications

Quality Engineering to Drive Speed

Security Testing Mobile Applications

Test Managers: How You Can Really Make a Difference NEW

Model-Based Testing with Keywords