Using Google hacking tools and preventing Google hacking

Source: Internet
Author: User

This article introduces three Google hacking tools, Gooscan, SiteDigger, and Wikto, as well as simple measures to prevent Google hacking.
 
Before discussing how to prevent Google hacking, let's look at what Google hacking is.
 
Google hacking is a hacker technique that uses the Google search engine and other Google applications to find configuration weaknesses and security vulnerabilities in websites and their code.
 
Google is a powerful search engine that can do many things, and it is also a very useful hacker tool. With simple Google dorks, people can break into a website, and many web developers fail to protect their own data and their users' personal data. With Google dorks an attacker can extract information such as database configuration details, user names, passwords, directory listings, and error messages. For example:

intitle:index.of.config

The directories this returns can expose web server configuration information. Not every listed directory is meant to be public; how sensitive the exposure is depends on which files it contains, for example password files. Such listings can also reveal information about ports and access permissions.
 
The main cause of this kind of data leakage is insecure configuration of data exposed on the Internet. There are several ways to protect our servers.
 
Public servers are used to store data that is mostly meant to be accessible to the public. If your relational database is private, the best practice is to isolate it from the public server. Many people know the risks of directory listing: a directory listing lets users see the files, subdirectories, and so on stored in a directory, and .htaccess files can appear in such listings. That file is meant to protect the contents of a directory and should never be readable, but a simple configuration error can make it easy to list. Because many people upload important data to the server so they can reach it anytime, anywhere, search engine crawlers index it and hackers can easily obtain sensitive directory information from the index. One of the simplest defenses is for website administrators to create a robots.txt file that tells search engines which locations not to access. To ensure protection, use the robots.txt file to keep search engines from reading important directories or files. For example:

Allow all robots to access all files:

User-agent: *
Disallow:

The following configuration tells search engines not to index any directory:

User-agent: *
Disallow: /

We can also stop search engines from indexing a specified directory. The following example keeps search engines out of the infosec directory and its subdirectories:

User-agent: *
Disallow: /infosec/

In the following example Googlebot is kept from crawling anything on our website, while other search engine robots may access the entire site:

User-agent: googlebot
Disallow: /
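The following Python script is an added example, not code from the original article, and it uses only the standard library. It parses a constructed robots.txt that combines the rules above (all crawlers kept out of /infosec/, Googlebot kept out of everything) and answers the two questions an administrator should ask before relying on the file: what does it allow each crawler to fetch, and which directory names does it disclose. The second point is the caveat: robots.txt is itself public and purely advisory, so every Disallow line is a hint about where sensitive content lives and is no substitute for access control.

```python
# Added example (not from the original article): evaluate a robots.txt
# offline with Python's standard robotparser and list the paths it discloses.
from urllib.robotparser import RobotFileParser

# Constructed robots.txt combining the rules discussed above: every crawler
# is asked to stay out of /infosec/, and googlebot out of the whole site.
SAMPLE_ROBOTS_TXT = """\
User-agent: *
Disallow: /infosec/

User-agent: googlebot
Disallow: /
"""


def load_robots(content: str) -> RobotFileParser:
    """Parse robots.txt text without fetching it from a server."""
    parser = RobotFileParser()
    parser.parse(content.splitlines())
    return parser


def can_crawl(content: str, user_agent: str, path: str) -> bool:
    """True if robots.txt permits `user_agent` to fetch `path`."""
    return bool(load_robots(content).can_fetch(user_agent, path))


def disallowed_paths(content: str) -> list:
    """Paths named in Disallow lines, in file order.

    robots.txt is served to anyone who asks for it, so these entries tell a
    human reader where the sensitive directories are. The file only asks
    well-behaved crawlers to keep out; it enforces nothing.
    """
    paths = []
    for line in content.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "disallow" and value.strip():
            paths.append(value.strip())
    return paths


if __name__ == "__main__":
    checks = [("googlebot", "/public/"),
              ("bingbot", "/public/"),
              ("bingbot", "/infosec/report.txt")]
    for agent, path in checks:
        allowed = can_crawl(SAMPLE_ROBOTS_TXT, agent, path)
        print(f"{agent:10s} {path:22s} allowed={allowed}")
    print("paths disclosed by robots.txt:", disallowed_paths(SAMPLE_ROBOTS_TXT))
```

Run it and the output shows Googlebot refused everywhere, other crawlers refused only under /infosec/, and the two paths the file hands to any reader. Directories that must stay private therefore need authentication or should be kept off the public server entirely; robots.txt only reduces what well-behaved search engines index.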
 
The following meta tag tells all robots neither to index the page nor to follow any links on it:

<meta name="robots" content="noindex, nofollow">

We can also use this tag to deny or allow specific crawlers, for example:

<meta name="googlebot" content="noindex, nofollow">

The Google dork that finds listed .htaccess files is:

intitle:index.of ".htaccess"

All websites with a listed .htaccess file will be returned.

Directory listing should be disabled unless it is actually needed. If the index file named in the server configuration is missing, the directory contents are listed instead. On the Apache server, directory listing is turned off in the httpd.conf file with the minus sign, as in Options -Indexes.
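As an added example that is not part of the original article, the Python script below audits Apache configuration text for the setting just described. Both the weak fragment (Options Indexes, or +Indexes, which turns listing on) and the hardened one (Options -Indexes) are constructed inline; the directory paths are illustrative placeholders.

```python
# Added example (not from the original article): report <Directory> blocks
# whose Options line leaves directory listing (Indexes) enabled.
import re

# Weak setting: "Indexes" or "+Indexes" makes Apache list any directory that
# has no index file, exposing its contents to anyone, crawlers included.
WEAK_CONF = """\
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
<Directory "/var/www/html/uploads">
    Options +Indexes
</Directory>
"""

# Hardened setting: "-Indexes" removes the listing option explicitly.
HARDENED_CONF = """\
<Directory "/var/www/html">
    Options -Indexes +FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
<Directory "/var/www/html/uploads">
    Options -Indexes
</Directory>
"""

_DIR_OPEN = re.compile(r'^\s*<Directory\s+"?([^">]+)"?\s*>', re.IGNORECASE)
_DIR_CLOSE = re.compile(r"^\s*</Directory>", re.IGNORECASE)
_OPTIONS = re.compile(r"^\s*Options\s+(.*)$", re.IGNORECASE)


def listing_enabled_dirs(conf_text: str) -> list:
    """Return the directories whose Options directive enables Indexes.

    A token of 'Indexes' or '+Indexes' enables listing, '-Indexes' disables
    it. An Options line outside any <Directory> block is reported as
    '(global)'. Comment lines are ignored.
    """
    findings = []
    current = "(global)"
    for line in conf_text.splitlines():
        if line.strip().startswith("#"):
            continue
        opened = _DIR_OPEN.match(line)
        if opened:
            current = opened.group(1)
            continue
        if _DIR_CLOSE.match(line):
            current = "(global)"
            continue
        options = _OPTIONS.match(line)
        if options:
            tokens = options.group(1).split()
            if any(t.lower() in ("indexes", "+indexes") for t in tokens):
                findings.append(current)
    return findings


if __name__ == "__main__":
    print("weak config lists:", listing_enabled_dirs(WEAK_CONF))
    print("hardened config lists:", listing_enabled_dirs(HARDENED_CONF))
```

The check reads only the main configuration. If AllowOverride permits Options in .htaccess, a per-directory file can switch listing back on, so keep AllowOverride None where you can and audit any .htaccess files the same way.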
Check your website:
 
This section shows how to find the potential security exposures of your website through manual and automated tests, before a Google hacker finds them, and how to view your website from Google's perspective.

The simplest query is:

site:nxadmin.com, which lists the cached pages of nxadmin.com.

Now you can open each of the links listed to check whether the directories or files are meant to be publicly accessible. However, if there are more than a million links to check, this manual method is time-consuming. The following describes some automated testing tools.
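Before turning to the scanners, the manual check described above can be scripted against your own site. The Python script below is an added example and is not code from the original article: it takes a list of paths you intend to keep private (for instance every Disallow entry in your own robots.txt) and confirms that an anonymous client is refused. The fetch function is injectable so the logic runs offline here against constructed responses; the host name and paths are placeholders.

```python
# Added example (not from the original article): confirm that paths you
# consider private on your own site are refused to an anonymous client.
import urllib.error
import urllib.request

# Constructed list of paths you intend to keep out of public reach.
PRIVATE_PATHS = ["/.htaccess", "/config/", "/infosec/", "/backup/db.sql"]


def http_status(url: str) -> int:
    """Anonymous HEAD request; returns the HTTP status code."""
    req = urllib.request.Request(url, method="HEAD")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def exposed_private_paths(base_url: str, paths, fetch=http_status) -> list:
    """Return the private paths an anonymous client can actually read.

    401, 403 and 404 mean the server enforces access control or the file is
    absent; only a 2xx answer counts as exposed. `fetch` maps a URL to a
    status code and defaults to a real HEAD request.
    """
    exposed = []
    for path in paths:
        status = fetch(base_url.rstrip("/") + path)
        if 200 <= status < 300:
            exposed.append(path)
    return exposed


# Constructed fake server responses so the example runs offline.
FAKE_RESPONSES = {
    "https://www.example.com/.htaccess": 403,     # correctly refused
    "https://www.example.com/config/": 200,       # listing still served
    "https://www.example.com/infosec/": 401,      # requires login
    "https://www.example.com/backup/db.sql": 200,  # readable by anyone
}


def fake_fetch(url: str) -> int:
    """Stand-in for http_status that answers from the constructed table."""
    return FAKE_RESPONSES.get(url, 404)


if __name__ == "__main__":
    found = exposed_private_paths("https://www.example.com", PRIVATE_PATHS,
                                  fetch=fake_fetch)
    print("private paths readable without authentication:", found)
```

Anything the script reports needs a server-side fix (authentication, Options -Indexes, or removal from the public server); once the resource is refused, the corresponding search results go stale and the exposure is closed regardless of what Google has cached.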
 
 
 
Gooscan
Sitedigger
Wikto
 
Gooscan is a Linux-based tool that can retrieve a large number of Google search results. Because it does not use the Google API, it violates Google's Terms of Service, and using it may cause Google to block your IP address.

The tool has the following parameters. Two of them are required to run a scan; the others are optional.

-t target: defines the target. A target can be a host name or an IP address.

-q query: runs a specific search query. -q takes a single query as its argument. For example:

-q intitle:index.of ".htaccess"

The tool can also read multiple queries from a query file.

-o output_file: creates an HTML output file. The output file contains all the links returned by the query.

-p proxy:port: sends requests through an HTTP proxy server.

-v: verbose mode.

-s site: restricts results to a specific target site or domain.
 
Use gooscan:
 
Gooscan can send a single query or multiple queries. For example:

gooscan -q "hack" -t www.google.com -s nxadmin.com

To create an output file, for example:

gooscan -q "hack" -t www.google.com -o nxadmin.html

You may run into problems when gooscan executes a large number of queries at once. To avoid this, send a small batch of queries instead of the whole file: use the head command to create a small query file.

head -5 data_files/gdork.gs > data_files/small_dorks.gs

gooscan -t www.google.com -i data_files/small_dorks.gs -o nxadmin.html
 
Once the output file is created, you can review the links it contains.
 
 
 
SiteDigger:
 
SiteDigger is a useful tool written by Foundstone. It integrates the Google Hacking Database (GHDB) and uses the Google API. SiteDigger lets you test only one site at a time. Before running it you select the Google hacking signatures to apply; you can choose any category of dorks and queries, and the matching links are returned.
 
 
 
Wikto:
 
Wikto is another Google hacking tool. It is a complete web assessment tool, which means you can use it to test your own server; run the application against that server. For Google hacking it includes a small program called Googler, which serves as the back end and queries the Google index for specific file types. Another small program in Wikto, GoogleHacks, runs the GHDB queries automatically against any specified website.
 
 

Google hack honeypot:
 
The Google Hack Honeypot (GHH) is designed to observe attackers who use search engines as a hacking tool. It implements the honeypot concept and provides additional security for your web pages by letting us monitor attack attempts against them. GHH also has a logging function that lets us track these attacks and take corresponding actions.

Website: http://ghh.sourceforge.net
 
Installation Details: http://ghh.sourceforge.net/gettingstarted.php
