Infamous hacking group the Cult of the Dead Cow (cDc), probably best known for their release of Back Orifice ten years ago, today released a tool that utilizes known server exploits as search terms in Google to scan websites for vulnerabilities and private data.
The new tool, dubbed Goolag Scan, presents the results as a list of links containing information regarding the nature of each vulnerability and exploit. It’s just as provoking as any of the other tools the group has released, making it easy for unskilled users to track down sensitive information on specific websites. Though according to the cDc, their intention is to provide an easy and legitimate tool for security professionals to test their own websites for vulnerabilities.
Indeed Goolag Scan does give IT administrators a handier way to look for flaws and leaks that could be exposed via Google searches. Of course, by performing large-scale automated searches, there’s always the risk of getting your IP address blocked by Google.