Abstract
There is a continuously increasing number of attacks on publicly available systems in the internet. This requires an intensified consideration of security issues and vulnerabilities of IT systems by security responsibles and service providers. Beside classical methods and tools for penetration testing, there exist additional approaches using publicly available search engines. In this paper we present an alternative approach for vulnerability analysis with both classical as well as subject-specific engines. Based on an extension and combination of their functionality, this approach provides a method for obtaining promising results for audits of IT systems, both quantitatively and qualitatively.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Genge, B., Enǎchescu, C.: ShoVAT: shodan-based vulnerability assessment tool internet-facing services. Secur. Commun. Netw. (2015)
Long, J.: Google Hacking for Penetration Testers. Syngress, Rockland (2007)
Opp, A.: Schwachstellenanalyse mittels klassischer Internet-Suchmaschinen. Master’s Thesis, Hochschule Kaiserslautern, October 2014
Oswald, M.: Verwendung von Google Dorks zur Durchführung von anonymisierten und personalisierten Massensuchanfragen. Master’s Thesis, Fernuniversität Hagen, September 2015
Schmidt, O.: Verwundbarkeitsanalyse mittels themenfeldorientierten Suchmaschinen. Master’s Thesis, Fernuniversität Hagen, September 2015
von Thaden, S.: Analyse und Optimierung von Dork-Anfragen. Master’s Thesis, Fernuniversität Hagen, September 2015
Zhang, J., Notani, J., Gu, G.: Characterizing google hacking: a first large-scale quantitative study, November 2015
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Simon, K. (2016). Vulnerability Analysis Using Google and Shodan. In: Foresti, S., Persiano, G. (eds) Cryptology and Network Security. CANS 2016. Lecture Notes in Computer Science(), vol 10052. Springer, Cham. https://doi.org/10.1007/978-3-319-48965-0_51
Download citation
DOI: https://doi.org/10.1007/978-3-319-48965-0_51
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48964-3
Online ISBN: 978-3-319-48965-0
eBook Packages: Computer ScienceComputer Science (R0)