Professional Security Testers resources warehouse - Downloads: "Search engines as penetration testing tools"
Description: Through examples, the paper will show how the techniques subsequently described can be used to steal or corrupt large quantities of sensitive information, to perform large-scale system recognition and to disrupt those systems in more subtle ways. All this while remaining anonymous and in many cases by never accessing the target server itself. A brief presentation will be made about how intrusion detection system signatures can be used to format new queries, which are likely to return many vulnerable and/or misconfigured servers. Finally, the paper presents the few solutions available and demonstrates how to properly implement them.
Version: V1 Filesize: 76.00 Kb