Академический Документы
Профессиональный Документы
Культура Документы
Jennie DeLucia/JD Consulting Presentation Rochester Regional Library Council December 14, 2006
Synonyms are bolded along with exact keyword matches on the results page so they are easy to spot
Note: Google normally doesnt recognize special characters like $, but because the $ sign was necessary for the number feature, you can use it in all sorts of searches Try these two searches to see the difference
yard sale bargains 10 yard sale bargains $10
Google DOES NOT support explicit stemming, BUT it implicitly stems for you For example, searching for dietary will yield results for diet and other variations on the theme.
What you think youre asking for results from either .com or .edu, but youre actually saying is that site results should come from both simultaneously.
Archives.org
This is one of my favorite websites, its does not have anything to do with Google, but it I think you will find it interesting www.archive.org This is a hacker paradise..but why?
Google Hacking
What are common things that a hacker would want to find out about a website?
Administrative accounts Logs (error or auditing logs) What data is housed on the site Sensitive directories Advisory and server vulnerabilities
Google Hacking
The terms login and logon locate logon portals
Login | logon Why is this an issue? What type of information can a hacker find out about your website?
Google Hacking
Username | userid | employee.ID | your name is These are just a few ways to obtain a username from a target website
Site:www.rit.edu username | userid | your name is
Google Hacking
Password | passcode | your password is Perfect combo attack and/or reconnaissance work for a hacker to get a get a username and password to access a site Site:www.rit.edu username password
Google Hacking
Admin | administrator
Who doesnt want to find pages that potentially contain administrative/admin access? Site:www.rit.edu admin password What other ways or what other modifiers can we add to find more detailed admin information?
Google Hacking
-ext is a synonym for filetype Negative query What are we looking for with the following searches?
-ext:html ext:htm ext:shtml ext:asp ext:php http://www.filext.com/index.php- best site for finding any type of file extension
Google Hacking
Inurl:temp | inurl:tmp | inurl:backup | inurl:bak This will search for temporary or backup files or directories on a server There are many different naming conventions, but you can get the jist of it
Google Hacking
Intranet | help.desk We arent necessarily looking for private intranets, but you would be surprised as to what you find How many of you use your intranet on a daily basis? What type of information could someone find if they could gain access?
Microsoft Frontpage Service Web passwords Password list user Index.of passlist credentials