Google Code
Tuesday, November 18th, 2008
http://code.google.com/
In particular I am using the AJAX API for RAD for small micro solutions
NOTICE they do not support YUI ! LOL
The AJAX Libraries API takes the pain out of developing mashups in JavaScript while using a collection of libraries. We take the pain out of hosting the libraries, correctly setting cache headers, staying up to date with the most recent bug fixes, etc. http://code.google.com/apis/ajaxlibs/
heres some good potent google searches
underground googling
Anopther great thing to work on is setting up your Google Alerts.
site
- The site operator is great for trolling through all the content Google has gathered for a target.
- This operator is used in conjunction with many of the other queries presented here to narrow the focus of the search to one target.
intitle:index.of
- The universal search for Apache-style directory listings.
- Directory listings provide a wealth of information for an attacker.
error | warning
- Error messages are also very revealing in just about every context.
- In some cases, warning text can provide important insight into the behind-the-scenes code used by a target.
login | logon
- This query locates login portals fairly effectively.
- It can also be used to harvest usernames and troubleshooting
procedures.
username | userid | employee.ID | “your username is”
- This is one of the most generic searches for username harvesting.
- In cases where this query does not reveal usernames, the context around these words can reveal procedural information an attacker can use in later offensive action.
password | passcode | “your password is”
- This query reflects common uses of the word password.
- This query can reveal documents describing login procedures, password change procedures, and clues about password policies in use on the target.
admin | administrator
- Using the two most common terms for the owner or maintainer of a site, this query can also be used to reveal procedural information (“contact your administrator”) and even admin login portals.
ext:html –ext:htm –ext:shtml –ext:asp –ext:php
- This query, when combined with the site operator, gets the most common files out of the way to reveal more interesting documents.
- This query should be modified to reduce other common file types on a target-by-target basis.
inurl:temp | inurl:tmp | inurl:backup | inurl:bak
- This query locates backup or temporary files and directories.
intranet | help.desk
-
This query locates intranet sites (which are often supposed to be protected from the general public) and help desk contact information and procedures.