The Web Local
 

 

Goolag

 

Goolag Scanner (gS) is a standalone windows GUI based application released by the Cult of the Dead Cow which uses a pre-defined xml-based configuration file to carry out specific Google web based searches (known as dorks) based on the work/ findings in the Google Hacking Database

Pre-requisites:

 

Microsoft .NET Framework Version 2.0

 

It is available from here.
 

Installation:

 

Simply double-click on the exe.

 

Execution:

 

Insert the domain to be tested and select the dorks to test against:

 

 

Unfortunately one of the side effects of running too many dorks against a site is the danger of getting blocked by Google:

 

 

After inserting the verification code requested by Google in the browser, Goolag will continue until the next block that is!) and a final report is produced, in this case no issues were found:

 

 

Using this program out of the box is not recommended and a fine-grained use of dorks is required.  This may prove useful to some, but I believe some more work needs to go into this application for it to prove really useful.  There are better programs out there at the moment such as wikto/ nikto and especially maltego which are of more use.

 

Its one to watch though, the Cult of the Dead Cow are back and their offerings are usually well worth trying. 

 

IT Security News:

 

Pen Testing Framework:

 

Latest Tool Reviews: