Click here for Vacation Photos

« Sixers Strike Thunder!
The Cat & The Cupcake »

Google Code

http://code.google.com/

In particular I am using the AJAX API for RAD for small micro solutions
NOTICE they do not support YUI ! LOL
The AJAX Libraries API takes the pain out of developing mashups in JavaScript while using a collection of libraries. We take the pain out of hosting the libraries, correctly setting cache headers, staying up to date with the most recent bug fixes, etc.   http://code.google.com/apis/ajaxlibs/

heres some good potent google searches
underground googling

Anopther great thing to work on is setting up your Google Alerts.

http://www.google.com/alerts 

site

  • The site operator is great for trolling through all the content Google has gathered for a target.
  • This operator is used in conjunction with many of the other queries presented here to narrow the focus of the search to one target.

intitle:index.of

  • The universal search for Apache-style directory listings.
  • Directory listings provide a wealth of information for an attacker.

error | warning

  • Error messages are also very revealing in just about every context.
  • In some cases, warning text can provide important insight into the behind-the-scenes code used by a target.

login | logon

  • This query locates login portals fairly effectively.
  • It can also be used to harvest usernames and troubleshooting
    procedures.

username | userid | employee.ID | “your username is”

  • This is one of the most generic searches for username harvesting.
  • In cases where this query does not reveal usernames, the context around these words can reveal procedural information an attacker can use in later offensive action.

password | passcode | “your password is”

  • This query reflects common uses of the word password.
  • This query can reveal documents describing login procedures, password change procedures, and clues about password policies in use on the target.

admin | administrator

  • Using the two most common terms for the owner or maintainer of a site, this query can also be used to reveal procedural information (“contact your administrator”) and even admin login portals.

ext:html –ext:htm –ext:shtml –ext:asp –ext:php

  • This query, when combined with the site operator, gets the most common files out of the way to reveal more interesting documents.
  • This query should be modified to reduce other common file types on a target-by-target basis.

inurl:temp | inurl:tmp | inurl:backup | inurl:bak

  • This query locates backup or temporary files and directories.

intranet | help.desk

  • This query locates intranet sites (which are often supposed to be protected from the general public) and help desk contact information and procedures.


site:site.com - inurl:site.com



Digg it | Save to del.icio.us | Netscape | Reddit | Stumble It!

- - - - - S P O N S O R I N G     A D V E R T I S M E N T - - - - -

This entry was posted on Tuesday, November 18th, 2008 at 2:36 pm and is filed under programming. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Post your thoughts in the Comments ...
Not signed up to share your ideas & thoughts?
It’s free and easy to collaborate! Click Here to begin

Click Here to earn money for reviewing this post

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Leave a Reply

You must be logged in to post a comment.