
Goolag security tool uses Google to scan sites for vulnerabilities

Goolag Scanner is a Web auditing tool released by the hacker group Cult of Dead Cows. The tool uses the prowess of the Google search engine to surface vulnerabilities on Web sites.

A quote from the cDc Web site:

"It's no big secret that the Web is the platform," said cDc spokesmodel Oxblood Ruffin. "And this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for Web site owners to patch up their online properties."

The hacker group is famous for its Back Orifice (a pun on Microsoft's BackOffice Server) software -- a tool that grays the line between legitimate network administration and cracking.

There have been several security and auditing tools in the market, but it is also a fact that the Web as a platform is not the most secure of architectures. Because the Web started its life in research labs focused on document sharing among academics, security may not have been the first thing on the minds of the architects who laid the foundation for networking technologies.

Goolag is open source and comes as a standalone application with a GUI. You can read the specifications here.

And tools such as Goolag will be a wake-up call to security administrators to take a close look at their own sites -- before someone else does. How are you preparing to face (or brace) the security scanner?

11 comments
cathar.gnostic

Who do they think they are, Google has been a good tool for years, they just put the same stuff in a package and are trying to take credit for it. Get a life Geeks...

e_caroline

Downloaded it... it got bagged by my anti-virus software. Zonealarm Suite PRO Quarantined it, uninstalled it and am scanning whole computer. One more virus found... probably related to Goolag download but not certain that this third infection indication is Goolag-related.

velan_vs

This is very great info for network administrators who, like me, have been trusting the search engines blindly.

Neon Samurai

"grays the line between legitimate network administration and hacking." In the negative form of the act, it is pronounced "Cracking" and has nothing to do with Hacker culture or mentality. I've stood on my soap box often enough but your misuse of the term is pretty blatant and up front. Outside of semantics, Cheers for the tool review. I expect this will be in my collection beside C&A soon after work this evening.

Elvis.Is.Alive

I like how TechRepublic links directly to the Specifications page, and on the page, in section "2.4 Constraints", it reads: To lamerZz: buy some mouthwash. Gargle. And suck our dick. Now that is funny.

d.g.holm

This isn't about whether or not you can trust search engines. This is about whether or not your network is secure. The search engines are not doing anything underhanded or untrustworthy. If your network is revealed as vulnerable through the use of a search engine, then that is your fault, not the search engine's fault.

pr.arun

It was a little (though quite openly noticed) slip on my part. Cracking and Hacking are different. Changes have been made. :)

Timbo Zimbabwe

As well as other chuckle-related information, such as; "NOTE: If you use C#, you probably feel the need for C++, if you use C++ you may need Python, in a Python-project you'll learn the need for Java, using Java, you will love C# or Fortran. Or Assembler. Or simply commit suicide. (Programming is a bitch.)"

pr.arun

The link was needed to have all the details... the others came along.
