Recent changes in Google’s SOAP-API rendered many security tools using Google useless. The aim of the Diggity project is to provide security researchers and network admins with a toolset to utilize Google Search and Bing again to uncover security vulnerabilities.

The two command line programs for Windows, Google Diggity and Bing Diggity, are offered as a free download on the project website.

Google Diggity:

The command line tool comes with a dataset of more than 1500 different vulnerability signatures, including insecure admin interfaces, SQL-injections, Cross-Site-Scripting vulnerabilities or documents that contain sensible information like passwords or financial data.

The commands define the nature of the search. It is possible to run the full set of known signatures against a website, server or IP, or perform a Google custom search which is limited to the first 64 results.

google diggity

With the retirement of Google’s SOAP Search API on September 7, 2009, most of the security utilities available for Google Hacking cease to function, leaving the security industry with a need for new and innovative tools. GoogleDiggity is a new MS Windows command line utility designed to help fill that need. GoogleDiggity leverages the Google AJAX API, so it will not get you blocked by Google bot detection while scanning. Also, unlike other Google Hacking tools available, GoogleDiggity actually allows you to specify a Google Custom Search Engine (CSE) id to run Google Hacking vulnerability checks against a customized version of Google that will only return results tailored to your organization.

BingDiggity

Bing Diggity has not been released yet, but will be available for download shorty.

BingDiggity is a new command line utility that leverages the new Bing 2.0 API and Stach & Liu’s newly developed Bing Hacking Database (BHDB) to find vulnerabilities and sensitive information disclosures related to your organization that are exposed via Microsoft’s Bing search engine. This utility also provides footprinting functionality that allows you to enumerate URLS, hosts, domains, IP-to-virtual host mappings, etc. for target companies

Google Hacking Alerts and Bing Hacking Alerts

Google Alerts and Bing Alerts have been created for every vulnerability signature to assist network administrators, security researchers and webmasters with the monitoring of security vulnerabilities.

Currently, only Google Hacking Alerts are offered, with Bing Hacking Alerts released in the near future. Google Hacking Alerts make use of Google Alerts to provide realtime information about new websites appearing in Google Search that are vulnerable to one of the 1623 signatures. A Google Reader compatible RSS feed is provided on the project homepage. The RSS feed alerts are grouped into categories.

google alerts

This, in conjunction with filters makes it a solid defense strategy. The RSS feed is compatible not only with Google Reader but also other feed readers. Downloads and additional information are provided at the project website.

The default type is comprehensive which means that Google observes everything for the user. It can be changed to video, blog or web related alerts which would exclude the rest of the types. Alerts can be send out once per day which is the default value. That can be changed to once per week and to when it happens which could mean that you get bombarded with emails if you happen to observe a popular term.

A Google account is needed to configure and manage the alerts. The mail on the other hand can be entered freely and does not have to be the Gmail address.

Make Use Of have posted about a service called Feed My Search today which converts Google Alerts into RSS Feeds. That’s definitely convenient to use and highly recommended.