Description: With hundreds of web applications deployed over the web, it is a really difficult task to keep up with their vulnerabilities and to fix them. Also, minor configuration mistakes on web servers could lead to data leakage and compromise. Interestingly search engines stumble upon many of these vulnerable scripts and leaked data, and catalog it, making it easy for the bad guys to query them and find out vulnerable websites. It is thus important for web masters to understand how to find all this information and mitigate these attacks before they happen. One of the tools we found to be quite good for this exercise was SEAT. A brief description and usage videos follow.
SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It’s multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with a goal of system security assessment. Furthermore, SEAT’s ability to easily process additional search engine signatures as well as custom made vulnerability databases allows security professionals to adapt SEAT to their specific needs.
Supported Search Engines:
Tags: tools ,
Latest from the SecurityTube Blog:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.