While toying around with Google code search to look for HTTP Response Splitting vulnerabilities, i discovered that code search is a treasure trove of vulnerabilities. For instance, simply try searching for “vulnerability”.
Looks like I’m about 2 years behind on this:
- Chris Shiflett: http://shiflett.org/blog/2006/oct/google-code-search-for-security-vulnerabilities
- Jose Nazario: http://monkey.org/~jose/blog/viewpage.php?page=google_code_search_stats
- Dug Song: http://asert.arbornetworks.com/2006/10/static-code-analysis-using-google-code-search/
- Cipher dot org dot uk: http://www.cipher.org.uk/bugle.php (Google Hacking with Code Search)
Regular expression search rocks. Why can’t you do this with regular search?