Overview
Explore the lost art of application reconnaissance in this 47-minute conference talk by Tony Miller at GrrCON 2015. Dive into advanced Google search techniques, including Google hacking and advanced operators, to uncover hidden information about web applications. Learn how to leverage the Google Hacking Database, find admin logins, and discover vulnerable Axis cameras. Explore DNS records, cloud services, and social media for valuable intel. Discover techniques for identifying developers and extracting document metadata. Apply these skills in practice using Google Dorks, ExploitDB, and other tools. Master the art of passive reconnaissance to enhance your cybersecurity knowledge and skills.
Syllabus
Intro
Application Recon
Recon
Story
Google
Google Search
Top 5 Findings
Google Hacking
Types of Google Hacking
Google Advanced Operators
Intitle Index
Google Hacking Database
Finding Admin Logins
Axis Cameras
Web Services
Google Hacking Tools
DNS Records
Cloud
OpenBSD
Subroot
Social Media
Finding Developers
Document Metadata
How do we put this into practice
Google Dorks
ExploitDB
Showit
MultiGo
FOAP
Medic
Passive Recon