Google Hacking Reports, Techniques, & Analysis - Hacker Intelligence Initiative (HII) - Analysis of Trending Hacking Techniques and Attack Campaigns

Blog|Login|中文•Deutsche•日本語

Hacker Intelligence Initiative (HII)

Print

Share Request Info

Request Info

First Name:

Last Name:

Email:

Phone:

Company Name:

State/Province:

Country:

Specify your request here:

Information provided will be used by Imperva, Inc. in accordance with the revised privacy policy effective as of December 15, 2011.

ADC Hacker Intelligence Initiative

The Imperva Hacker Intelligence Initiative goes inside the cyber-underground and provides analysis of the trending hacking techniques and interesting attack campaigns.

Selected Tag: Google Hacking \| Show All

	Report #3 -- The Convergence of Google and Bots: Searching for Security Vulnerabilities using Automated Botnets This Imperva's Hacker Intelligence Initiative (HII) report reveals that hackers are leveraging the power of search engines to conduct cyber reconnaissance. Hackers, armed with a browser and specially crafted search queries ("Dorks"), are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed. Automating the query and result parsing enables the attacker to issue a large number of queries, examine all the returned results and get a filtered list of potentially exploitable sites in a very short time and with minimal effort. As searches are conducted using botnets, and not the hacker's IP address, the attacker's identity remains concealed. Tags: Google Hacking, Botnets, Bots, SQL Injection, Data Security


	Report #1 -- Remote File Inclusion We begin our first report by describing an attack which usually flies under the radar – Remote File Inclusion (RFI). Although these attacks have the potential to cause as much damage as the more popular SQL Injection and Cross-Site Scripting (XSS) attacks, they are not widely discussed. HII has documented examples of automated attack campaigns launched in the wild. This report pinpoints their common traits and techniques, as well as the role blacklisting can play in mitigating them. Tags: Google Hacking, Web Application Attacks, Buffer Overflow, CSRF, SQL Injection, Cross-Site Scripting, XSS, Search Engine Poisoning, SEP, Botnets, Remote File Inclusion, RFI

Selected Tag: Google Hacking \| Show All

Subscribe to HII Reports

Latest Reports

Report #16 -- Get What You Give: The Value of Shared Threat Intelligence

Multimedia

Subscribe

Sign Up and stay informed about all the latest attacks and hacking techniques.

Subscribe Now

BUSINESS SECURITY LEADER

BUSINESS SECURITY LEADER

Imperva is a pioneer and leader of a new category of business security solution that protects high value applications and data from theft, insider abuse, and fraud. Learn More »

JOIN THE DISCUSSION

Follow us on Twitter Like us on Facebook Follow us on Google+ See us on SlideShare Join us on LinkedIn

Blog Watch us on YouTube Pin us on Pinterest Listen to us on iTunes Contact a Security Specialist

SOLUTIONS FOR MIDSIZED BUSINESSES

WEBSITE SECURITY FOR MIDSIZED BUSINESSES

Midsized businesses gain best-of-class protection for critical Web assets with our easy to use and affordable cloud-based security service, Imperva Incapsula. Learn More »

Copyright ©2013 Imperva. All Rights Reserved. Privacy & Legal

Get LinkedIn to Data Security Direct | Site Map | Contact Us