LifeHacker has a link to the Ethical Hacker Network that posts about ten security searches you can do of your web site.  These were taken from the book “Google Hacking for Penetration Testers” by Johnny Long and Ed Skoudis.

  • intitle:index.of
  • error | warning
  • login | logon
  • username | userid | employee.ID | “your username is”
  • password | passcode | “your password is”
  • admin | administrator
  • –ext:html –ext:htm –ext:shtml –ext:asp –ext:php
  • inurl:temp | inurl:tmp | inurl:backup | inurl:bak
  • intranet | help.desk
Advertisements